backtop


Print 82 comment(s) - last by callmeroy.. on Jul 7 at 8:48 AM


  (Source: Attack of the Show)

A gaping hole in the iPhone 3G S's beefed up security, allows a packet of code to be fired into it via SMS and compromise the entire system. Apple says that it will fix the major flaw by the end of July.  (Source: AppleIPhoneReview)
IPhone SMS vulnerability could allow malicious users to install and execute malware

Recently, Apple has struggled with the security ramifications of a higher commercial profile, and seeing an increasing number of OS X malware.  Now another security flaw has been found, this time in the iPhone OS.  The flaw allows attackers to gain root access to the iPhone's underlying OS, allowing them to install and execute malicious programs at will.

The iPhone apparently automatically executes binary code sent in SMS messages.  Messages are limited to 140 bytes, but this is little deterrence as longer programs can be broken up into several messages, which the phone automatically reassembles.  While other applications such as the Safari browser on the phone only enjoy access to their sandbox, the SMS system is automatically granted root access, and SMS commands execute as root.

Charlie Miller, during a presentation at the SyScan conference in Singapore on Thursday introduced the vulnerability to the public.  He declined to go into specific details or offer his proof-of-concept code to the public, as he has entered under an agreement with Apple.  Mr. Miller did state, "SMS is a great vector to attack the iPhone."

He went on to describe several examples of how such an attack could prove beneficial to malicious parties.  Among his ideas were to use the phone's GPS technology to track people, to turn on the phone's microphone to snoop on meetings or conversations, and to use groups of the infected phones to form a botnet and launch distributed denial-of-service attacks.

Apple will have a fix ready by the end July, it says.  Mr. Miller says he will hold off on releasing details of his attack until then.  He will present the attack in its full glory at the Black Hat USA 2009 conference in Las Vegas.  Mr. Miller is the author of The Mac Hacker's Handbook, one of the leading resources for prospective Apple hackers.

He praises Apple's efforts with the iPhone saying that the stripped down version of OS X provides less attack opportunities.  He says that lack of support for Adobe Flash and Java while an annoyance to users actually aid security, as these are traditional attack vectors.  He also notes the phone's provisions to only run Apple-signed code and to provide hardware encryption as other promising features.  

Many of these features were added in the new iPhone 3G S, but were not present in the iPhone 3G leading the iPhone 3G to receive failing marks in a recent security study.  Mr. Miller concludes, "The iPhone is more secure than OS X, but SMS could be a critical vulnerability."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Not what I was expecting
By amanojaku on 7/2/2009 3:43:45 PM , Rating: 3
From an article describing "gaping holes" and displaying Olivia Munn licking equipment. ;-)




RE: Not what I was expecting
By honestIT on 7/2/2009 3:47:01 PM , Rating: 2
Gaping Hoes maybe?


RE: Not what I was expecting
By bighairycamel on 7/2/2009 4:45:24 PM , Rating: 3
Yah I will probably be downrated for saying this, but I don't get how people find her attractive? She's just..... meh.

Of course opinions are like buttholes........


RE: Not what I was expecting
By Kefner on 7/2/09, Rating: 0
RE: Not what I was expecting
By JS on 7/3/2009 6:50:56 AM , Rating: 2
So what you are saying is that you find transvestites' bodies attractive. That's ok.


RE: Not what I was expecting
By sprockkets on 7/3/2009 3:52:01 PM , Rating: 1
"How did she look?"

"She is like butter."

"Butter? What do you mean."

"Everything butter face."


RE: Not what I was expecting
By lukasbradley on 7/2/2009 5:09:24 PM , Rating: 1
I feel the same way about that Transformers girl.


RE: Not what I was expecting
By B3an on 7/3/2009 11:37:35 AM , Rating: 2
RE: Not what I was expecting
By overlandpark4me on 7/2/2009 7:54:56 PM , Rating: 2
I'd never even heard of her, and you're right, she's not a good looking girl at all. She reminds me of a road worn version of Nancy Kerrigan. Hell, Michael Jackson is a better looking girl than this chick.

What. Too soon?


RE: Not what I was expecting
By Totally on 7/2/09, Rating: 0
RE: Not what I was expecting
By callmeroy on 7/7/2009 8:48:21 AM , Rating: 2
Granted Olivia is what I would call a super hottie or anything -- I could easily rattle off many well known "hotties" with better looks....but to intimate she's unattractive is a bit of a stretch, she's loads better looking than Nancy Kerrigan as well....and the Michael Jackson comment was your attempt of humor just because you know the world is still swimming in news of MJ's death.

I'd give her "cute" but not "hot".....though she does have a pretty smoking body.... :)


RE: Not what I was expecting
By CrazyBernie on 7/3/09, Rating: 0
By bighairycamel on 7/3/2009 10:19:32 AM , Rating: 2
No sorry you lose. The correct answer to why opinions are like buttholes is: "because everyone has one and they all stink."


RE: Not what I was expecting
By kattanna on 7/2/2009 3:47:32 PM , Rating: 2
she is cute


RE: Not what I was expecting
By amanojaku on 7/2/2009 4:07:43 PM , Rating: 3
Well, then enjoy. Personally, I miss Diane Mizota and stopped watching G4 after Filter was canceled. Olivia is just a ditz, while Diane has brains and humor to match her looks.

http://www.irserious.com/2007/05/26/olivia-munn-is...
http://www.popoholic.com/2007/05/25/olivia-munn-in...
http://www.dasgamer.com/olivia-munn-trades-in-the-...
http://oliviamunn.org/categories.php?cat_id=2


RE: Not what I was expecting
By icanhascpu on 7/2/2009 4:52:11 PM , Rating: 2
Screw that. I miss it when it was ZDTV->TechTV

BRING BACK SCREENSAVERS!


RE: Not what I was expecting
By Mitch101 on 7/3/2009 11:01:15 AM , Rating: 1
I have dated enough hot looking ditz's to know she isnt one. Now I don't know Diane Mizota but Olivia Munn is HOT on two levels even when she has a Mick Hammer (M.C. Hammer) incident. Its human and she can laugh at herself when it happens. A ditz doesn't realize she has done something stupid.

The pic daily tech used is a bad picture to show her hotness but great at showing her off beat character.

With Olivia Munn you can have both a great looking woman that is a hell of a lot of fun. Looks will fade for everyone but a great attitude like this girl has is hard to find. I am married to a woman with a similar fun style attitude. Sorry Olivia I'm taken unless your into 3 ways but then if your not do you mind if I just watch you and the wife go at it?

Ron White said it best
http://www.youtube.com/watch?v=0gxKStPXyn8


By mmcdonalataocdotgov on 7/6/2009 7:51:58 AM , Rating: 2
Thanks. Spam much, dildo? Love the pop-ups especially, and the attempts to install malware from your links.


RE: Not what I was expecting
By Meinolf on 7/2/2009 3:52:40 PM , Rating: 2
You gotta love Munn


RE: Not what I was expecting
By hduser on 7/2/2009 4:10:15 PM , Rating: 4
She's licked a lot of other gadgets in the past. Gotta love a girl who'll do that.


RE: Not what I was expecting
By rrburton on 7/6/2009 12:44:05 PM , Rating: 2
"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki