Quantcast
Last updated on May 31, 2012 at 13:58 EDT

Hackers Find a Flaw in iPhones

July 24, 2007
Repost This

By John Schwartz

A team of computer security consultants say they have found a flaw in Apple’s popular new iPhone that allows them to take control of the device. The researchers, working for Independent Security Evaluators, a company that tests its clients’ computer security by hacking it, said that they could take control of iPhones through a WiFi connection or by tricking users into going to a Web site that contains malicious code. The hack, the first reported, allowed them to tap the wealth of personal information the phones can contain.

Although Apple built considerable security measures into its device, said Charles Miller, the principal security analyst for Independent Security Evaluators, “Once you did manage to find a hole, you were in complete control.”

The firm, based in Baltimore, alerted Apple about the vulnerability this week and recommended a software patch that could solve the problem.

“We’re looking into the report submitted by ISE and always welcome feedback on how to improve our security,” said Lynn Fox, an Apple spokeswoman.

The company said there was no evidence that this flaw had been exploited or that users had been affected, and it knew of no other exploits of this nature.

Miller, a former employee of the National Security Agency, demonstrated the hack to a reporter by using his iPhone’s Web browser to visit a Web site of his own design.

Once he was there, the site injected a bit of code into the iPhone that then took over the phone. The phone promptly followed instructions to transmit a set of files to the attacking computer that included recent text messages – including one that had been sent to the reporter’s cellphone moments before – as well as telephone contacts and e-mail addresses.

“We can get any file we want,” he said. Potentially, he added, the attack could be used to program the phone to make calls, running up large bills or even turning it into a portable bugging device.

Steven Bellovin, a professor of computer science at Columbia University, said, “It’s not the end of the world, it’s not the end of the iPhone.”

Details on the vulnerability, but not a step-by-step guide to employing it, can be found at www.exploitingiphone.com.

(c) 2007 International Herald Tribune. Provided by ProQuest Information and Learning. All rights Reserved.


Related Articles
Related Images
Related Videos
Related Reference Library
Breaking News
Space
Science
Technology
Health
CES 2012
More...
Streaming Video
Top Picks
Science
Health
More...
Images and Photos
Images of the Day
Image Galleries
Wallpapers
More...
Space Exploration
Astronomy
Human Spaceflight
Ask the Astronomer
More...
Science and Research
Instruments
Calculator
Ask the Scientist
More...
Technology
Ask the Expert
Technology Reviews
More...
My Health
Health
More...
© 2002-2012 redOrbit.com. All rights reserved
All other copyrights remain the property of their respective owners