Welcome to WebmasterWorld Guest from 54.234.114.182

Forum Moderators: bakedjake

Message Too Old, No Replies

iPhone SMS Vulnerability

     
10:58 am on Jul 31, 2009 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:23241
votes: 357


iPhone SMS Vulnerability [pcworld.com]
At the Black Hat security conference in Las Vegas, an iPhone security flaw has come to light. The iPhone security flaw--which exploits a weakness in SMS text messaging to take control of the device--appears real, but will probably be addressed before it becomes a serious issue.The truth is that there are millions of iPhones in use today, and while many have been jailbroken, I am unaware of a single report of someone having their phone hacked in the wild. Of course, this might change now that the cat is out of the bag, but I wouldn’t lose any sleep until there are reports of iPhones actually being exploited.
6:04 pm on July 31, 2009 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:23241
votes: 357


Apple to Patch iPhone Security Flaw [news.bbc.co.uk]
Apple is set to release a software patch to address a recently described security flaw in the iPhone, the UK network operator 02 has said.

An O2 spokesperson said the patch would be available Saturday through iTunes.

"We will be communicating to customers both through the website and proactively," the spokesperson added.

6:49 pm on July 31, 2009 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member

joined:June 12, 2003
posts:709
votes: 13


The patch is out now.
7:45 pm on July 31, 2009 (gmt 0)

Moderator from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5627
votes: 47


"We will be communicating to customers both through the website and proactively," the spokesperson added.

Through SMS? :)
8:18 pm on July 31, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:1745
votes: 80


The truth is that there are millions of iPhones in use today, and while many have been jailbroken, I am unaware of a single report of someone having their phone hacked in the wild.

I seem to remember iphone hacking people's units themselves with an undisclosed "back door", much like Amazon did with Kindle devices. Since Amazon was sued and class action status is requested on that I wonder if I can get apple to patch the back door off my phone too? I mean, it would "fix a vulnerability" afterall.

8:41 pm on July 31, 2009 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts: 3171
votes: 5


It's interesting that a writer for PC World would leave off this important fact - the vulnerability is not unique to the iPhone:

Researchers Charlie Miller and Colin Mulliner revealed the flaw during a presentation at the Black Hat USA 2009 conference in Las Vegas. The vulnerability was demonstrated on iPhone, Android and Windows Mobile smartphones and, according to reports, can be prevented only by turning the handset off.

From Yahoo News [uk.news.yahoo.com].

9:35 pm on July 31, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 17, 2002
posts:2251
votes: 0


Does this exploit affect things like the iPod Touch running an SMS app like Textfree?
10:00 pm on July 31, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 20, 2004
posts:2377
votes: 0


Microsoft is the top sponsor for the event. Might come into play why only the iPhone was mentioned. Perhaps they had a controlled release of the information?

In any case seems like the fix is already available for iPhone. Is there a fix yet for Windows Mobile or Android?

7:09 am on Aug 1, 2009 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member 10+ Year Member

joined:June 18, 2005
posts:1735
votes: 19


It's interesting that a writer for PC World would leave off this important fact - the vulnerability is not unique to the iPhone:

From what I've heard, other phone OS have already patched the vulnerability and Apple is the tardy one.