Slashdot Mirror


iPhone Vulnerability Yields Root Access Via SMS

snydeq writes "Pwn2Own winner Charlie Miller has revealed an SMS vulnerability that could provide hackers with root access to the iPhone. Malicious code sent by SMS to run on the phone could include commands to monitor location using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a DDoS attack or botnet, Miller said. Miller did not provide a detailed description of the SMS vulnerability, citing an agreement with Apple, which is working to fix the vulnerability in advance of Black Hat, where Miller plans to discuss the attack in greater detail. 'SMS is a great vector to attack the iPhone,' Miller said, as SMS can send binary code that the iPhone processes without user interaction. Sequences can be sent to the phone as multiple messages that are automatically reassembled, thereby surpassing individual SMS message limits of 140 bytes."
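
The multi-part reassembly mentioned in the summary is standard concatenated SMS (3GPP TS 23.040): each part's user data begins with a header carrying a reference number, a part count and a sequence number, and every one of those fields is sender-controlled. As an added example (not part of the original post, and not Apple's code or a reconstruction of Miller's finding), here is a bounds-checked reassembler in C for the 8-bit-reference form; `struct reasm`, `reasm_add`, `reasm_output` and the `MAX_PARTS` cap are hypothetical names and assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SMS_MAX_UD 140 /* per-message limit quoted in the summary */
#define MAX_PARTS  8   /* assumed local policy cap, not from the page */

struct reasm {                       /* hypothetical per-message state */
    uint8_t ref, total, seen;        /* seen: bitmap of parts received */
    uint8_t len[MAX_PARTS];
    uint8_t data[MAX_PARTS][SMS_MAX_UD];
};

/* Feed one part (UDHL, header, payload): 1 = complete, 0 = stored, -1 = rejected. */
int reasm_add(struct reasm *r, const uint8_t *ud, size_t n)
{
    if (n < 1 || n > SMS_MAX_UD) return -1;
    size_t end = (size_t)ud[0] + 1, i = 1;   /* header occupies ud[1..end) */
    if (end > n) return -1;                  /* header longer than the part */
    const uint8_t *ie = NULL;
    while (i < end) {                        /* walk information elements */
        if (end - i < 2 || ud[i + 1] > end - i - 2) return -1;
        if (ud[i] == 0x00 && (ud[i + 1] != 3 || ie)) return -1;
        if (ud[i] == 0x00) ie = &ud[i + 2];  /* concatenation, 8-bit reference */
        i += 2u + ud[i + 1];
    }
    if (!ie) return -1;
    uint8_t ref = ie[0], total = ie[1], seq = ie[2];
    if (total == 0 || total > MAX_PARTS || seq == 0 || seq > total) return -1;
    if (r->total == 0) { r->ref = ref; r->total = total; }
    else if (r->ref != ref || r->total != total) return -1;
    uint8_t bit = (uint8_t)(1u << (seq - 1));
    if (r->seen & bit) return -1;            /* duplicate sequence number */
    r->len[seq - 1] = (uint8_t)(n - end);
    memcpy(r->data[seq - 1], ud + end, n - end);
    r->seen |= bit;
    return r->seen == (uint8_t)((1u << r->total) - 1);
}

/* Copy the completed message into out; returns its length, 0 on failure. */
size_t reasm_output(const struct reasm *r, uint8_t *out, size_t cap)
{
    size_t off = 0;
    if (!r->total || r->seen != (uint8_t)((1u << r->total) - 1)) return 0;
    for (uint8_t p = 0; p < r->total; p++) {
        if (r->len[p] > cap - off) return 0; /* output buffer too small */
        memcpy(out + off, r->data[p], r->len[p]);
        off += r->len[p];
    }
    return off;
}
```

Zero-initialise a `struct reasm` before feeding it the first part; a part that fails any check is dropped without changing the stored state.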

12 of 186 comments

  1. Wonder how this goes together .. by Anonymous Coward · Score: 3, Insightful

    Wondering if this can be combined with iPhone's ability to heat red hot while in your pocket

  2. Can't Carriers Stop this? by forand · Score: 3, Insightful

    So this is bad news for the iPhone but it seems like any carrier of the iPhone should want to implement a simple filter to remove any malicious SMSs from the system.

    1. Re:Can't Carriers Stop this? by amicusNYCL · Score: 4, Insightful

      It's not the carrier's responsibility to look at all SMS messages going through their system and filter them out, it's the iPhone's responsibility to not execute untrusted code in the first place. If this was a Microsoft device that's exactly what people would be saying.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
  3. So I assume a buffer overflow? by Anonymous Coward · Score: 1, Insightful

    Wow, buffer overflows in 2009.

    I guess ARM needs to implement No Execute Bit in their CPUs. You can't protect against dumb programmers.

    If it wasn't a buffer overflow, then how in the name of all that is chocolate did some binary data get to be executable?!

    --
    Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment.
    It's been 13 minutes since you last successfully posted a comment

    LOL.

  4. Run up your bill too by nurb432 · Score: 3, Insightful

    Nice little DDoS attack device, with one hell of a use fee at the end of the month ...

    --
    ---- Booth was a patriot ----
  5. Well there's your problem! by Anonymous Coward · Score: 5, Insightful

    "as SMS can send binary code that the iPhone processes without user interaction"

    Why is it even possible to send raw binary? Shouldn't it allow only a heavily-filtered subset of characters?

    1. Re:Well there's your problem! by kv9 · Score: 2, Insightful

      Apple bashers seemingly have one thing in common: they are inordinately smug c*** suckers

      I thought that's the one thing that Apple fanbois had in common... now I'm confused.

  6. Re:Ouch! by Jurily · Score: 5, Insightful

    Who the fuck thought it would be a good idea to automatically execute the content of a message you have no control over whatsoever?

  7. SMS? by yourassOA · Score: 1, Insightful

    Seems more like a back door than anything and now that it has been discovered Apple will try to fix (hide it better) the problem. Seems to me like most of the vulnerabilities would benefit law enforcement the most, weird huh? It's not like this never happened with Microsoft, encryption key, and the FBI.

  8. Re:Ouch! by fmobus · Score: 2, Insightful

    Yeah, because the same happened in the webserver market. Apache installations get rooted every single minute.

  9. Re:Seems to affect other smart phones as well ... by El_Muerte_TDS · Score: 2, Insightful

    No, learn to read. The second link says that they have technology to send an SMS Message to a phone without needing a carrier. It doesn't say anything about exploiting bugs in the handling of the SMS Message.

  10. Cancel Texting by joNDoty · Score: 3, Insightful

    I recently canceled texting completely on my iPhone 3GS. Texting fees are outrageous and I'm not putting up with them anymore. If you want to text me, send it to my email address. Your phone probably supports texting to an email address and you don't even realize it. You can also reply to free texts I send you and I get notified instantly.

    Sure, I can't receive texts sent to my phone number, but that's a sacrifice I'm willing to make if I'm going to help my country kick this ridiculous habit of overpaying for tiny emails.