iPhone Gets Owned by Security Vulnerabilities
According to InfoWorld, Charles Miller, Jake Honoroff, and Joshua Mason just found the Apple iPhone’s first security vulnerability.
Research trio claims the iPhone’s data can be stolen and the device can even be turned into a remote surveillance tool
This exploit comes from a vulnerability in iPhone’s Safari and proof-of-concept has been implemented. The result?
The iPhone is owned. “In our proof of concept, this code reads the log of SMS messages, the address book, the call history, and the voicemail data, it then transmits all this information to the attacker.”
So what can be done? Nothing right now as Apple has been notified and they have just a mere 2 weeks before details of the exploit get released at a Black Hat 2007 security conference in Las Vegas.
Technorati Tags: Apple, IPhone, Security Vulnerability, Exploit, JAMM, Just Another Mobile Monday
Search JAMM »
Our Sponsors
Most Popular »
-
Review: DXG 3D View DXG-5F9V HD Camcorder
-
Amazon Kindle 4th Generation – Kindle Up For Amazing Reading!
-
Best Buy iTune Gift Card Deals–20% Off!
-
Happy 2012!
-
FREE: Asphalt 6: Adrenaline for iOS
-
$50 iTunes e-Gift Card for $40 at Walmart.com
-
Link Love: In-Vehicle Cell Phone Use Ban Response by Chris Spera
-
GoodReader Gets More Networking Goodness
-
Review: The Oregon Trail: American Settler
-
Review: GoodReader for iPad–More than just good….it’s GREAT!
-
Review: Sprint / Nextel Motorola Titanium
- That should have been automatic after purchasing. I found myself accidentally u...
- I purchased dollars on the game Oregon Settler 3 times and have not received the...
- gracias.....
- Good question, Craig. The range of the device is actually variable. It does no...
- Thanks for the in depth review. One thing that I am curious about and don't hap...
- The main argument I see for Flash being needed on mobile devices such as the iPh...
- My XP gave up the ghost (although I have since resurrected it and reinstalled my...
- You'll be able to get both from ThinkGeek.
Gadget Shoulder Holster
http://ww...
- 1793 (1)
- Accessories (506)
- Android (206)
- Blackberry (172)
- Books, Music, and Media (14)
- cameras (4)
- Carrier News (145)
- Contests (179)
- Deals and Giveaways (585)
- Featured (409)
- Free For All (85)
- General (995)
- GPS devices (12)
- iPad (78)
- iPad (68)
- iPhone/iPod Touch (620)
- JAMM (222)
- JAMM News Network (5)
- JAMM Store (182)
- Laptops and Netbooks (107)
- Laptops, MIDS, and other Portable Devices (17)
- MIDS and UMPC (15)
- Other Devices (211)
- Palm/WebOS (295)
- Phones and Mobile Devices (80)
- Reviews (767)
- Symbian/Nokia (133)
- Tablet PC (8)
- Tips and Tricks (135)
- Views (628)
- Windows Phone (1497)
From Our Friends »
The Mobile Spoon
Clinton Fitch
Warning: array_slice() expects parameter 1 to be array, null given in /home/jamm/justanothermobilemonday.com/Wordpress/wp-content/themes/pearl-jamm/sidebar.php on line 232
Just Another iPad Blog
© 2009 Just Another Mobile Monday . All Rights Reserved. Sign up for entries RSS and for the comments RSS.
JAMM logo by Talon Communications Group | 
it's 18.
3 Comments
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.PatrickJ
Jul 25, 2007
The security researchers’ paper on all of this is very good – it’s at: http://www.securityevaluators.com/iphone/exploitingiphone.pdf.
They also detail a second level of exploit where the iPhone can be made to execute system commands, like playing an alert sound or making a call.
Brandon Steili
Jul 25, 2007
FUD ….
It’s a safari vulnerability that affects Windows and OS X:
Is the new vulnerability in the Mac or Windows versions of Safari?
The vulnerability is also present in both the Mac and Windows versions of Safari, though it may or may not be exploitable there.
Source: http://www.securityevaluators.com/iphone/
PatrickJ
Jul 25, 2007
I don’t totally agree. One key security flaw they discuss is that ALL processes on the iPhone run with SuperUser privileges. So, if you manage to exploit a single app like the browser (as they have), you completely own the device. Now I haven’t used a Mac in quite a while, but if the same horrific SuperUser flaw exists on a Mac, then Wow, that ‘Macs can’t be hacked’ theory really looks silly. Then again, that has been looking less and less true anyway.
And actually, with UNIX under its hood, obviously Mac OSX does not share this flaw with the phone device …
Leave a Reply