iPhone Vulnerability Yields Root Access Via SMS
snydeq writes "Pwn2Own winner Charlie Miller has revealed an SMS vulnerability that could provide hackers with root access to the iPhone. Malicious code sent by SMS to run on the phone could include commands to monitor location using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a DDoS attack or botnet, Miller said. Miller did not provide a detailed description of the SMS vulnerability, citing an agreement with Apple, which is working to fix the vulnerability in advance of Black Hat, where Miller plans to discuss the attack in greater detail. 'SMS is a great vector to attack the iPhone,' Miller said, as SMS can send binary code that the iPhone processes without user interaction. Sequences can be sent to the phone as multiple messages that are automatically reassembled, thereby surpassing individual SMS message limits of 140 bytes."
Common misconception. The characters '0' and '1' aren't binary, they in fact correspond to the numbers 48 and 49. You'd have to send NULL and SOH for 0 and 1.
Sorry, couldn't help myself...
weinersmith
Just jailbreak the fucking thing like the rest of us and quit bitching. I just finished an SSH session to my phone (where I su to root).
I consider that owning my phone, especially because it's even relatively safe to unlock then. Everybody who isn't willing to do that, please just shut up. Apple doesn't seem to care too much about the jailbreak; it works out great. "Normal" users don't get confused, and everybody else can run multiple apps, get SSH, turn-by-turn directions, etc.
Seriously, take the 5 minutes and do it. You'll thank me. Or stop complaining.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.