PreviewsPreviewsPreviewsPreviewsPreviewsPreviewsPreviewsPreviews

Latest Headlines

Sponsored Ads:





Your iPhone Is Not Safe!!!

Posted by Qwerty in Announcements, Mobile News, Off Topic Rant on July 23rd, 2007

Email This Post Email This Post


(As the NYTimes Reports) A successful vulnerability has been found. Working with the iPhone’s architecture (which also includes some tools from the #iphone-dev community), and proof-of-concept exploit capable of delivering files from the user’s iPhone to a remote attacker. Apple has been notified about the vulnerability and proposed a patch.

The exploit is delivered via a malicious web page opened in the Safari browser on the iPhone. There are several delivery vectors that an attacker might utilize to get a victim to open such a web page. For example:

  • An attacker controlled wireless access point: Because the iPhone learns access points by name (SSID), if a user ever gets near an attacker-controlled access point with the same name (and encryption type) as an access point previously trusted by the user, the iPhone will automatically use the malicious access point. This allows the attacker to add the exploit to any web page browsed by the user by replacing the requested page with a page containing the exploit.
  • A misconfigured forum website: If a web forum’s software is not configured to prevent users from including potentially dangerous data in their posts, an attacker could cause the exploit to run in any iPhone browser that viewed the thread. (This would require some slight changes in our proof of concept exploit, however.)
  • A link delivered via e-mail or SMS: If an attacker can trick a user into opening a website that the attacker controls, the attacker can easily embed the exploit into the main page of the website.

When the iPhone’s version of Safari opens the malicious web page, arbitrary code embedded in the exploit is run with administrative privileges. In our proof of concept, this code reads the log of SMS messages, the address book, the call history, and the voicemail data. It then transmits all this information to the attacker. However, this code could be replaced with code that does anything that the iPhone can do. It could send the user’s mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.

[youtube M26sur1YAL4 nolink]

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Tags: , , , , , ,



Related Post







 
RSS Feed | Trackback URI

No Comments Yet - You can be the first to comment!

Leave a comment »


You must be logged in to post a comment.

Latest Features

Did You Ever Want Hot Chicks and Loads of Free Games?

Well This is not the place to find them. But If you Think you can do a better job of posting or reporting on news stories? Prove it. OLGn is searching for talented writers to assist in the site’s daily news writing duties.
We are looking for smart, capable freelance news writers to lend a hand [...]


Gamespot, advertising-supported media, and the rage of the internet

In case you haven’t heard, the word on the street is that Jeff Gerstmann, long time reviewer and current editorial director for Gamespot, has been fired for giving Kane and Lynch a mediocre, though very negatively worded, score. According to the rumor mill, Eidos got pissed and threatened to withdraw the huge amount of advertising [...]


Wii still leading consoles, but for how long?

Video Game Chartz has released the hardware sales chart for America for the week ending Nov. 10, and once again Nintendo’s Wii is first and Sony has come in last.
The Wii came in first for the week at 192, 482, followed by the Xbox 360 at 173,895 and the DS at 142,299. Sony’s PSP [...]


» more featured posts...