How to hijack ‘every iPhone in the world’ (2)
If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly.
That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner publicized Thursday at the Black Hat cybersecurity conference in Las Vegas. Using a flaw they’ve found in the iPhone’s handling of text messages, the researchers said they would demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone’s functions. That includes dialing the phone, visiting Web sites, turning on the device’s camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.
“This is serious. The only thing you can do to prevent it is turn off your phone,” Miller told Forbes. “Someone could pretty quickly take over every iPhone in the world with this.”
Though Miller and Mulliner say they notified Apple about the vulnerability more than a month ago, the company hasn’t released a patch, and it didn’t respond to Forbes’ repeated calls seeking comment.
The iPhone SMS bug is just one of a series that the researchers planned to reveal in their talk. They say they’ve also found a similar texting bug in Windows Mobile that allows complete remote control of Microsoft-based devices. Another pair of SMS bugs in the iPhone and Google’s Android phones would purportedly allow a hacker to knock a phone off its wireless network for about 10 seconds with a series of text messages. The trick could be repeated again and again to keep the user offline, Miller says. Though Google has patched the Android flaw, this second iPhone bug also remains unpatched, he adds.
[More]
Related:
Everybody Panic! The iPhone Has a Vulnerability!
Updates:
12:16 pm EDT, July 31st, 2009 — Card PIN numbers traded at two for a dollar
Popularity: 30% [?]
Male, retired and the rest is of little interest to anyone. The site keeps me busy and if it helps others to stay abreast of daily events then my time is well spent.
Mac Says:
Not good news for those of us who own iPhones… I forwarded this to my bride since she’s the one who has ours…
Posted on July 31st, 2009 at 9:44 am