Slashdot Mirror

← Back to Stories (view on slashdot.org)

SMS Hack Could Make iPhones Vulnerable

Posted by CmdrTaco on from the up-against-the-wall-and-spread-'em dept.

mhx writes "A single character sent by text message could allegedly compromise every iPhone released to date. The technique involves sending only one unusual text character or else a series of 'invisible' messages that confuse the phone and open the door to attack. Apple has not released any updates yet, so little can be done, except to power off your iPhone to avoid being hacked."

7 of 254 comments (clear)

  1. Re:Binary Encoded Messages by sopssa · · Score: 5, Insightful

    This was detailed a few days ago -- more details on http://www.computerworld.com/s/article/9136008/Some_SMS_networks_vulnerable_to_attack

    How many times it needs to be said.. *never* trust the client.

  2. Re:Is this why they were distracting us yesterday? by DigitalSorceress · · Score: 5, Insightful

    Actually, that's exactly what I was thinking.

    Once you've taken over someone's iPhone in this manner, it seems to me you've got more power to use the thing than the original owner had (unless they had Jailbroken their phone already).

    Interestingly enough, this vulnerability is in the factory-spec iPhone - it doesn't require it to have been jailbroken.

    So, yeah, Apple claims they're jailing your phone to protect you from bad guys and to protect the infrastructure from you, but this goes to prove that the only thing they're protecting are their (and AT&T's) pockets.

    All this from a company where the CEO's liver is replaceable, but the battery in your phone or laptop is not.

    ~ducking~

    --

    The Digital Sorceress
  3. Won't someone think of the cell phone towers? by transporter_ii · · Score: 4, Insightful

    If this hack lets unapproved apps run, then what's going to keep the cell towers from being shut down on a massive scale? Doesn't this make Apple guilty of harming national security?

    --
    Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
  4. Re:Lots can be done... by Anonymous Coward · · Score: 5, Insightful

    Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.

    Or, maybe the iphone SHOULDN'T EXECUTE UNTRUSTED UNSIGNED UNAUTHENTICATED CODE THAT ARRIVES BY SMS.

    Or maybe google will use this flaw to deploy google voice onto iphones now that apple banned them.

    Isn't it sad that EVERYONE ELSE has more control over the iphone than fanboi who bought it.

  5. Re:Weird article. by Anonymous Coward · · Score: 4, Insightful

    This is remote code execution and extremely serious. The headline is understated for the possible severity of the impact. In other words: if Microsoft had the dominant smartphone on the market with the image the iPhone has, you know this crowd would be screaming bloody murder and piecing together fallacy-ridden freshman-level rants on monopolies.

  6. Re:App Store by jDeepbeep · · Score: 4, Insightful

    So, never.

    fixed that for you :D

    --
    Reply to That ||
  7. Re:Binary Encoded Messages by SanityInAnarchy · · Score: 5, Insightful

    In other words, Android, the open platform, patched before iPhone, the closed platform.

    Yet I still occasionally run into people trying to claim that the iPhone being closed is somehow good, as it's more secure.

    --
    Don't thank God, thank a doctor!