Slashdot Mirror

← Back to Stories (view on slashdot.org)

iPhone Vulnerability Yields Root Access Via SMS

Posted by timothy on from the tweet-hack dept.

snydeq writes "Pwn2Own winner Charlie Miller has revealed an SMS vulnerability that could provide hackers with root access to the iPhone. Malicious code sent by SMS to run on the phone could include commands to monitor location using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a DDoS attack or botnet, Miller said. Miller did not provide detailed description of the SMS vulnerability, citing an agreement with Apple, which is working to fix the vulnerability in advance of Black Hat, where Miller plans to discuss the attack in greater detail. 'SMS is a great vector to attack the iPhone,' Miller said, as SMS can send binary code that the iPhone processes without user interaction. Sequences can be sent to the phone as multiple messages that are automatically reassembled, thereby surpassing individual SMS message limits of 140 bytes."

2 of 186 comments (clear)

  1. Re:Ouch! by dna_(c)(tm)(r) · · Score: 0, Flamebait

    The only plausible explanation is that Microsoft must have bought Apple...

  2. Re:i sense a disturbence in the force by Oktober+Sunset · · Score: 1, Flamebait

    if only... even if every mac on the planet turned into a robot and killed a baby before collapsing into a pile of toxic debris, it would only shut the fanboys up for 5 minutes before they resumed bleating on about garage band and iphoto...

    --
    What if Tetris was invented by Nazis?