Tech

All things technology

Lifestyle

This is life

Current affairs

The real world

Personal

Just me

Random

Totally random stuff

Home » Uncategorized

iPhone vulnerability unveiled at Black Hat security conference

Submitted by on July 31, 2009 – 12:00 PMOne Comment | 4 views

An iPhone vulnerability has been unveiled at the Black Hat security conference at Las Vegas. Note: This is a vulnerability, not a virus. There are some article out there that claims that its a iPhone virus which is untrue. It is basically a security loophole.

The vulnerability allows hackers to knock an iPhone off the network, take control of the iPhone remotely or even send messages to friends in your address book. The hack works on a major security flaw involving SMS. Hackers just need to send you a series of SMS to make use of the vulnerability. And since you can’t stop an SMS from coming to your phone, there is no way to stop a hacker. The SMS text would come in the form of a single square character. Currently, the advice is to reboot your iPhone if you received such SMS.

Apple has been warned of the vulnerability since mid July and has not patched the loophole yet. Although the exact method are not revealed at Black Hat, it will just take a few weeks for hackers to write software to exploit this vulnerability. The vulnerability can be patched by either Apple or the operator. I suspect Apple is working on the patch now and it will roll out together with firmware 3.1 which should be on the way soon.

And for those other phone users who are laughing at iPhone users now, maybe you might want to know that Google Android and Windows Mobile are also vulnerable to this hack. (Although there is reports that Google has patched the vulnerability on Android) The vulnerability is caused by the way smartphone handle SMS. Which means almost all smart phone is at risk. iPhone is just an example to glorify the vulnerability. And of cos, to glorify the hacker’s name and reputation too. Which you would have notice, I didn’t mention their name at all in this blog. I’ll talk about this issue of hackers revealing vulnerability to public on another blog entry.

So remember, if you received single square character on your SMS, the best thing is to reboot your phone ASAP.

Update: Apple just released firmware 3.0.1 to patch this vulnerability. Pls update your iPhone asap.

Picture 21

Related posts:

  1. Internet banking Security vs Convenience
  2. iPhone 3G – My excitement, disappointment and more disappointment
  3. iPhone shuffle – Life is random
  4. iPhone 3.0
  5. iPhone




One Comment »

  • BETA says:
    August 1, 2009 at 2:35 AM

    If you jail break your iPhone you can download an application in Cydia called “iBlacklist” It could stop text/calls from unwanted senders, Add the number and all text/calls will be sent to the application, I use it so I can’t be text bombed by script kiddies.

2 Pingbacks »

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.

CommentLuv badge