Friday, July 31, 2009

iPhone Text Vulnerability

A pair of security experts have found a vulnerability in the iPhone that allows a hacker to take control of an iPhone through a text-message attack.

Cybersecurity researchers Charlie Miller and Collin Mulliner explained the security hole at the Black Hat cybersecurity conference in Las Vegas on Thursday. They said they informed Apple of the problem a month ago but the problem has not been patched, according to Forbes, which said Apple has declined to comment on the issue.


The iPhone, Miller and Mulliner said, can be controlled by an outside hacker through a series of mostly invisible SMS - short message service - bursts. That would give someone control over an iPhone user's phone, text messaging, Web browsing, microphone and camera functions. There is a similar flaw in Windows Mobile phones.


Should You Worry?
MyMobiSafe founder Eric Everson said it's highly unlikely they will be targeted. He said the attack would require hundreds of SMS texts (512 to be exact) to any phone. He said if any of the SMS messages are deleted before the attack is complete, then the hack will not be effective.


To be on the safe side, if you receive a text message with a square in it, turn off your iPhone or switch the device into airplane mode. (
more)
◊◊◊◊◊◊◊◊◊◊◊◊◊◊◊◊...
(just kidding :)

UPDATE - "Less than 24 hours after a demonstration of this exploit, we've issued a free software update that eliminates the vulnerability from the iPhone." - Apple spokesman, Tom Neumayr. (more)