iPhone exploit allows control of voice, data functions

As far as software exploits go, you’ve got your kinda-sorta-threatening exploits and then you’ve got your exploits that pose a serious threat to a large portion of a product’s user base. Last week, we saw a list of 68 iPhone vulnerabilities and thankfully, most of those were of the former variety. A new exploit from security firm Independent Security Evaluators, however, looks quite a bit more serious. According to researchers at ISE, the newly discovered exploit can be used to gain complete control over all of the iPhone’s data and voice capabilities via a compromised WiFi connection–requiring only that a user unknowingly navigate to an infected website posing as a trusted site. Columbia University professor and ex-AT&T Labs security expert Steven M. Bellovin independently tested the exploit and confirmed not only that the bug is the real deal but also, that Windows Mobile devices might be similarly vulnerable. Apple has done a fairly good job of addressing security flaws in Safari so far, so let’s hope they manage to do the same for the iPhone.

For more on the exploit:
– check out this video demonstration of the hack
– and this New York Times article

More stories about Security   Software News   Enterprise Wireless   Mac OS X  

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

What is 11 + 4?
To combat spam, please solve the math question above.