
A gaping hole in the iPhone 3G S's beefed-up security allows a packet of code to be fired into it via SMS and compromise the entire system. Apple says that it will fix the major flaw by the end of July.  (Source: AppleIPhoneReview)
iPhone SMS vulnerability could allow malicious users to install and execute malware

Recently, Apple has struggled with the security ramifications of a higher commercial profile, and it is seeing an increasing amount of OS X malware.  Now another security flaw has been found, this time in the iPhone OS.  The flaw allows attackers to gain root access to the iPhone's underlying OS, allowing them to install and execute malicious programs at will.

The iPhone apparently automatically executes binary code sent in SMS messages.  Messages are limited to 140 bytes, but this is little deterrent, as longer programs can be broken up into several messages, which the phone automatically reassembles.  While other applications, such as the Safari browser on the phone, only have access to their own sandbox, the SMS system is automatically granted root access, and SMS commands execute as root.
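Reassembly of multi-part messages is the step where a receiver has to distrust every length and index the sender supplies. As an added example (not from the article and not Apple's code), here is a defensive reassembler for concatenated SMS; it assumes the standard 8-bit-reference concatenation header from 3GPP TS 23.040 and a hypothetical local cap of 8 segments, and the names `reasm_add` and `reasm_out` are illustrative.

```c
/* Added example: constructed reassembler, not Apple's code (UDH per 3GPP TS 23.040). */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SEG_MAX   140  /* user-data bytes per SMS, the limit cited above */
#define PARTS_MAX 8    /* assumed local policy cap on segments */
struct reasm {
    unsigned seen;                     /* bitmask of segments received */
    uint8_t  ref, total;
    uint8_t  len[PARTS_MAX];
    uint8_t  data[PARTS_MAX][SEG_MAX];
};

/* Feed one segment's user data: -1 rejected, 0 stored, 1 message complete. */
int reasm_add(struct reasm *r, const uint8_t *ud, size_t n)
{
    /* UDHL (first byte) excludes itself; reject headers longer than the data */
    if (n < 1 || n > SEG_MAX || (size_t)ud[0] + 1 > n) return -1;
    size_t end = (size_t)ud[0] + 1, i = 1;
    const uint8_t *ie = NULL;
    while (i + 2 <= end) {                      /* walk IEI, IEDL, value */
        size_t iedl = ud[i + 1];
        if (i + 2 + iedl > end) return -1;      /* element overruns header */
        if (ud[i] == 0x00 && iedl == 3) ie = &ud[i + 2];
        i += 2 + iedl;
    }
    if (i != end || !ie) return -1;             /* trailing junk or no concat IE */
    uint8_t ref = ie[0], total = ie[1], seq = ie[2];
    if (total < 1 || total > PARTS_MAX || seq < 1 || seq > total) return -1;
    if (r->seen && (ref != r->ref || total != r->total)) return -1;
    if (r->seen & (1u << (seq - 1))) return -1; /* duplicate segment */
    r->ref = ref; r->total = total;
    r->len[seq - 1] = (uint8_t)(n - end);
    memcpy(r->data[seq - 1], ud + end, n - end);
    r->seen |= 1u << (seq - 1);
    return r->seen == (1u << total) - 1;
}

/* Copy segments out in order; returns length, or -1 if incomplete/too small. */
long reasm_out(const struct reasm *r, uint8_t *out, size_t cap)
{
    if (!r->total || r->seen != (1u << r->total) - 1) return -1;
    size_t off = 0;
    for (unsigned k = 0; k < r->total; k++) {
        if (r->len[k] > cap - off) return -1;   /* output buffer too small */
        memcpy(out + off, r->data[k], r->len[k]);
        off += r->len[k];
    }
    return (long)off;
}
```

The caller must zero-initialise `struct reasm` before the first segment; every rejected segment leaves the stored state unchanged.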

Charlie Miller introduced the vulnerability to the public during a presentation at the SyScan conference in Singapore on Thursday.  He declined to go into specific details or offer his proof-of-concept code to the public, as he has entered into an agreement with Apple.  Mr. Miller did state, "SMS is a great vector to attack the iPhone."

He went on to describe several examples of how such an attack could prove beneficial to malicious parties.  Among his ideas were to use the phone's GPS technology to track people, to turn on the phone's microphone to snoop on meetings or conversations, and to use groups of the infected phones to form a botnet and launch distributed denial-of-service attacks.

Apple says it will have a fix ready by the end of July.  Mr. Miller says he will hold off on releasing details of his attack until then.  He will present the attack in its full glory at the Black Hat USA 2009 conference in Las Vegas.  Mr. Miller is the author of The Mac Hacker's Handbook, one of the leading resources for prospective Apple hackers.

He praises Apple's efforts with the iPhone, saying that the stripped-down version of OS X provides fewer attack opportunities.  He says that the lack of support for Adobe Flash and Java, while an annoyance to users, actually aids security, as these are traditional attack vectors.  He also notes the phone's provisions to only run Apple-signed code and to provide hardware encryption as other promising features.

Many of these features were added in the new iPhone 3G S but were not present in the iPhone 3G, leading the iPhone 3G to receive failing marks in a recent security study.  Mr. Miller concludes, "The iPhone is more secure than OS X, but SMS could be a critical vulnerability."

Comments

RE: fsardis and his iDick debacle
By Boze on 7/2/2009 6:38:20 PM , Rating: 3
Well if you've heard so much logic and fact, it's about time to shut up and accept it I think.

If you like Apple products, more power to you. Lots of folks do, and having brand loyalty is not inherently a bad thing. Condoning bad practices and overlooking potential problems is where fanboyism becomes a serious issue.

My brother uses a MacBook Pro nowadays, instead of building his own computers. Reason? "I'm tired of having to build a machine and go through the installation and updates and headache of all that." That's understandable, but he doesn't for one minute disagree with me that I can't build a far superior machine in terms of performance and storage. Why? You can't argue facts, that's why.

As far as the SATA issue on MacBooks, why would they disable it anyway? Why disable a feature on your laptop that would, at best, help your laptop stand out from the crowd, and at worst, make your laptop look like it's lagging behind technologically? Well I can guess a few reasons. Save battery life and make "tests" look better. "Hey my MacBook has xx hours of battery life!" It doesn't hurt that the average Apple user, as well as the user they target, have no clue what SATA 3.0 gbps means anyway, which is also really sad, because the more you understand about any technology, the more you can get out of it. That applies from computers to can openers.

RE: fsardis and his iDick debacle
By Pirks on 7/2/09, Rating: -1

RE: fsardis and his iDick debacle
By Boze on 7/2/2009 10:08:30 PM , Rating: 2
No, every notebook manufacturer does not want to extend battery life and make tests look better. Ever heard of desktop replacements? Ever wonder why, when reviewed, they might get 90 minutes of battery life or less and they could care less? Probably because it's called a desktop replacement, and it's there to provide power in the smallest possible package.

RE: fsardis and his iDick debacle
By Pirks on 7/2/2009 10:22:04 PM , Rating: 2
If they were not caring about battery life, as you suggest, they would not provide a battery in those desktop replacements at all.

RE: fsardis and his iDick debacle
By FaaR on 7/3/2009 6:42:08 AM , Rating: 2
It's not a matter of "accepting facts" if your bro doesn't NEED your allegedly far superior machine, any "facts" you want people to accept don't matter because these facts do not APPLY TO HIM, and people like him.

Seems you should take a couple doses of your own medicine.

You can't offer a farmer a Ferrari F50 when he needs to plow his fields. That it has a much more powerful engine, and goes much faster than a proper tractor isn't important to the farmer. See?

RE: fsardis and his iDick debacle
By fsardis on 7/3/2009 8:45:21 AM , Rating: 2
so why offer him a tractor with limited fuel line (sata1) and say nothing about it?
personally i would be very happy with it if apple actually mentioned it at least in the fine print.
you cannot advertise 9400 chipset from nvidia and limit people to sata1 with firmware and say nothing about it. it is just unethical. anyone who can use google and was curious to find out what sata version is in use, will find directly from nvidia that it is sata2. apple does not say otherwise and yet they sell me the machine without warning. this is bound to be illegal.

car analogy for Pirks because his brain only understands those:

Lexus makes a new car that uses a standard datsun engine. they tell you the model of the engine and no other details about it such as torque and hp. you use google to find out the specs of the model directly from datsun and they tell you that the engine produces 80hp for example. but lexus has limited the engine to 40hp and they told you nothing about it.
for the average driver in the city, using the automatic transmission, this makes no difference. lexus also sells for extra cash a racing exhaust that will make your car faster but still the engine is limited to 40hp so your money is a waste apart from minor benefits.
the problem is, that when you hit the motorway and you want to use the full power you will discover that something is wrong. you will also discover that your racing exhaust upgrade was a waste of money.

/pirks idiocy

i already feel dumber for falling to his level.
