New iPhone Vulnerability Gives Attacker Complete Control
It’s only been weeks since its release, and a security flaw has already been found in the iPhone. Security researchers from Security Evaluators were able to execute an exploit on the iPhone that gave them complete control of the device. Not only were they able to access the filesystem, including contacts, text messages, and more, but they also had control of the iPhone’s hardware and could make the phone vibrate, for example. The exploit can be delivered through a malicious web page, or a compromised wireless access point, meaning hundreds of thousands of iPhones are at risk.
The security researchers are not releasing any details of the exploit until August 2, to give Apple time to produce a fix. However, it is very unlikely that every iPhone user will apply the patch by then.
Here is their video demonstrating the exploit- there is little new information in the video, but the implications of such a hack are very troubling. The era of widespread phone viruses, literally spreading through the air just like a real infection, may be upon us.
The extremely insecure iPhone root password, “alpine” has already been cracked, but that doesn’t matter, because every process on the iPhone runs as root. On UNIX systems like the iPhone and Mac OS X, the “root” administrative account has complete access to the system- it can do anything. This configuration is why the iPhone does not allow third party applications- any application running on your iPhone has complete control over the hardware and software of the phone. The root account can even wipe the hard drive, meaning a malicious attacker armed with this exploit could easily brick any iPhone within range of his access point.
Running every process as superuser represents a tremendous mistake on Apple’s part- a major reason there are so many Windows viruses is that every program runs as superuser by default- a practice only eliminated in Vista. Ironically, OS X leaves the root account disabled by default- but it is fully enabled and fully active on the iPhone.
How do you think this exploit was accomplished, and what could Apple do to prevent future hacks?
Related Posts:
This Might Make Me Want to Get an iPhone
iPhone Review Roundup
The Next Big Thing is Already Here
Selfcasting
The Facebook Juggernaut…bitch!
El que no corre vuela en esta epoca, van con todo con respecto a romper la seguridad de los equipos
I have read several articles about this. I have not read of anything about a fix, have you heard anything?
Although i was’nt able to understand wat Leonardo said … lolzz
But yes this news comes as a shock to all the users of iPhone …. even i was thinking to get myself one … but after this i think i ll wait and watch.Lets hope apple comes out …. with a good patch for that … but really interesting to see how someone can control the phone …… !!!!
Apparently there was a guy from Queensland that hacked the iPhone so he could make calls on the Australian network. I don’t think he could receive calls though, or send or receive text messages, so the whole thing proved a little useless!
my fiancĂ© (who is currently working in L.A) was thinking of getting an iPHONE before. But after realizing what is going to be at stake when he buys this hip gadget, he just scrap the idea of getting one and even said that “it’s just a piece of crap.” He’ll just buy one when he’s comfortable that Apple finally resolves the numerous issues this controversial phone has.
Oh well, lI can’t comment on this one though. I am a loyal Nokia user.
Buy cheap phentermine mg tabs lowest prices….
Buy phentermine. Buy phentermine online with paypal. Mg buy phentermine. Buy phentermine with mastercard. Buy cheap phentermine on line now save. Phentermine buy phentermine cheap phentermine. Buy phentermine on line….
i phone needs to be hacked! anyway …
10MP digital camera 1gb mp belkin keyboard and mouse boys spy cam camera digital camera tripods car dvd player dual car dvd player uk car dvd players reviews cheap mp3 mp4 player Cheap Mp3 player digital backdrops Digital Camcorder digital camera and camcorder digital lighting digital rebel dolby ac3 audio ds lite Gadget-net gadgets gb mp4 player gb usb flash memory hdd audio hdd firmware hidden spy cameras laptop batteries battery laptop batteries thinkpad laptops networking mini spy camera mp3 and mp4 player mp3 mp4 players mp4 digital player Mp4 Player music player code nano accessories nintendo ds sims pc network games pink ds play psp games portable digital photo frame portable hdd player psp rss reviews speakers sandisk sansa mp3 player sigmatel audio transcend mp3 player tripod camera usb flash memory cards usb hdd player usb spy camera wireless digital picture frame wireless spy camera wireless spy cameras www.gadget-net.com
Lotensin….
Lotensin….
Anyone can tell me please where to find the best iPhone games? I couldn’t find anything nice.
Well, actually there are several good blogs for iphone games. Check macmost.com or appleiphonegames.blogspot.com for example. They publish the latest occurring games.
good article
Nice idea!!! people like me get bored while reading some articles but you are clever you just put a video in yours. .
Great!! and Thanks for posting this one!!!!
Such a great article, thanks for sharing such information. Keep up the good work buddy.
Cheers !!
Very interesting
Well guess even the i phone is not flawless. This is not good news to people who are using it.
I think the i phone people that is apple need to find some remedy or the i phone will suffer the wrath of other touch screen phones.
Good video as many of them said, good idea to put it up.
Glad to see that lots of people share my same interests and thoughts.Great Blog. I will continue reading it in the future. Nice layout too. I will bookmark this site, and will look for any articles about LCD digital photo frame.. Thumbs up!!