Slashdot Mirror

← Back to Stories (view on slashdot.org)

SMS Hack Could Make iPhones Vulnerable

Posted by CmdrTaco on from the up-against-the-wall-and-spread-'em dept.

mhx writes "A single character sent by text message could allegedly compromise every iPhone released to date. The technique involves sending only one unusual text character or else a series of 'invisible' messages that confuse the phone and open the door to attack. Apple has not released any updates yet, so little can be done, except to power off your iPhone to avoid being hacked."

4 of 254 comments (clear)

  1. Re:Binary Encoded Messages by sopssa · · Score: 5, Insightful

    This was detailed a few days ago -- more details on http://www.computerworld.com/s/article/9136008/Some_SMS_networks_vulnerable_to_attack

    How many times it needs to be said.. *never* trust the client.

  2. Re:Is this why they were distracting us yesterday? by DigitalSorceress · · Score: 5, Insightful

    Actually, that's exactly what I was thinking.

    Once you've taken over someone's iPhone in this manner, it seems to me you've got more power to use the thing than the original owner had (unless they had Jailbroken their phone already).

    Interestingly enough, this vulnerability is in the factory-spec iPhone - it doesn't require it to have been jailbroken.

    So, yeah, Apple claims they're jailing your phone to protect you from bad guys and to protect the infrastructure from you, but this goes to prove that the only thing they're protecting are their (and AT&T's) pockets.

    All this from a company where the CEO's liver is replaceable, but the battery in your phone or laptop is not.

    ~ducking~

    --

    The Digital Sorceress
  3. Re:Lots can be done... by Anonymous Coward · · Score: 5, Insightful

    Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.

    Or, maybe the iphone SHOULDN'T EXECUTE UNTRUSTED UNSIGNED UNAUTHENTICATED CODE THAT ARRIVES BY SMS.

    Or maybe google will use this flaw to deploy google voice onto iphones now that apple banned them.

    Isn't it sad that EVERYONE ELSE has more control over the iphone than fanboi who bought it.

  4. Re:Binary Encoded Messages by SanityInAnarchy · · Score: 5, Insightful

    In other words, Android, the open platform, patched before iPhone, the closed platform.

    Yet I still occasionally run into people trying to claim that the iPhone being closed is somehow good, as it's more secure.

    --
    Don't thank God, thank a doctor!