Slashdot Mirror

← Back to Stories (view on slashdot.org)

SMS Hack Could Make iPhones Vulnerable

Posted by CmdrTaco on from the up-against-the-wall-and-spread-'em dept.

mhx writes "A single character sent by text message could allegedly compromise every iPhone released to date. The technique involves sending only one unusual text character or else a series of 'invisible' messages that confuse the phone and open the door to attack. Apple has not released any updates yet, so little can be done, except to power off your iPhone to avoid being hacked."

41 of 254 comments (clear)

  1. Binary Encoded Messages by Algorithmn · · Score: 5, Interesting

    I saw this one coming. Some cell phones cannot distinguish between a moble provider sending binary encoded XML enabled SMS messages or an attacker through an SMS gateway. Amateur security model/practices.

    1. Re:Binary Encoded Messages by sopssa · · Score: 5, Insightful

      This was detailed a few days ago -- more details on http://www.computerworld.com/s/article/9136008/Some_SMS_networks_vulnerable_to_attack

      How many times it needs to be said.. *never* trust the client.

    2. Re:Binary Encoded Messages by clang_jangle · · Score: 4, Informative
      Apparently it's not just the iPhone affected. FTFA:

      The iPhone SMS bug is just one of a series that the researchers plan to reveal in their talk. They say they've also found a similar texting bug in Windows Mobile that allows complete remote control of Microsoft-based devices. Another pair of SMS bugs in the iPhone and Google's Android phones would purportedly allow a hacker to knock a phone off its wireless network for about 10 seconds with a series of text messages. The trick could be repeated again and again to keep the user offline, Miller says. Though Google has patched the Android flaw, this second iPhone bug also remains unpatched, he adds.

      --
      Caveat Utilitor
    3. Re:Binary Encoded Messages by Algorithmn · · Score: 4, Informative

      http://www.blackhat.com/presentations/bh-europe-09/Gassira_Piccirillo/BlackHat-Europe-2009-Gassira-Piccirillo-Hijacking-Mobile-Data-Connections-whitepaper.pdf The weakest link is always exploited first. Trust nothing.

    4. Re:Binary Encoded Messages by SanityInAnarchy · · Score: 5, Insightful

      In other words, Android, the open platform, patched before iPhone, the closed platform.

      Yet I still occasionally run into people trying to claim that the iPhone being closed is somehow good, as it's more secure.

      --
      Don't thank God, thank a doctor!
    5. Re:Binary Encoded Messages by davester666 · · Score: 4, Funny

      Nope, the 3 Pre users are completely safe. They only text amongst themselves.

      --
      Sleep your way to a whiter smile...date a dentist!
  2. "SMS Hack Could Makes iPhones Vulnerable" by Anonymous Coward · · Score: 5, Funny

    In other news, the same SMS hack can be used to make headlines appear with wrongly used verbs...

  3. App Store by oldspewey · · Score: 5, Funny

    Want to pwn every apple smartphone in the world?

    There's an app for that.

    --
    If libertarians are so opposed to effective government, why don't they all move to Somalia?
    1. Re:App Store by Bemopolis · · Score: 3, Insightful

      Well there *will* be, once it gets through the App Store approval process. So, next year.

      --
      "I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
    2. Re:App Store by jDeepbeep · · Score: 4, Insightful

      So, never.

      fixed that for you :D

      --
      Reply to That ||
  4. Text character? by pushing-robot · · Score: 4, Funny

    The technique involves sending only one unusual text character

    Let me guess: "Q". Damned "Q".

    --
    How can I believe you when you tell me what I don't want to hear?
    1. Re:Text character? by viking099 · · Score: 4, Funny

      Thanks a lot ass^7'89-NO CARRIER

    2. Re:Text character? by MaerD · · Score: 4, Interesting

      This reminds me of the days when on a BBS a badly calibrated modem would actually hang up if someone put +++ATH0 in the message. *sigh* I feel so old.

      --
      I put on my robe and wizard hat..
    3. Re:Text character? by sexconker · · Score: 3, Funny

      Because it's easier for me to test, dammit.
      I make all these fucking routers and cable modems and shit by hand. Maybe if one of you fuckers would help me we wouldn't have this problem.

  5. Read about this yesterday by DigitalSorceress · · Score: 4, Informative

    FYI: It's not that one character can break your iPhone, it's about 512 text messages sent at your phone, causing certain buffer overflows. The proof on concept ended up where the slew of messages (apparently arrived at originally by fuzzing) winds up only showing one visible character (appears as a box).

    The author said that it could probably be refined so that it wouldn't send anything that would show up.

    500 or so un-seen text messages, and you're iPwned.

    Gotta love the Black Hat Briefings.

    --

    The Digital Sorceress
    1. Re:Read about this yesterday by emag · · Score: 3, Funny

      500?! Egads, that's gonna cost a _fortune_ at today's txting rates!

      --
      "The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
    2. Re:Read about this yesterday by Kral_Blbec · · Score: 3, Insightful

      No, that just means you got screwed in advance.

  6. Is this why they were distracting us yesterday? by amcdiarmid · · Score: 4, Interesting

    As I recall Apple (DRM) was stating that jailbreaking cellphones was something to be done by terrorists who want to destroy cellphone infrastructure.

    Interesting that a SMS message can destroy apples;)

    1. Re:Is this why they were distracting us yesterday? by DigitalSorceress · · Score: 5, Insightful

      Actually, that's exactly what I was thinking.

      Once you've taken over someone's iPhone in this manner, it seems to me you've got more power to use the thing than the original owner had (unless they had Jailbroken their phone already).

      Interestingly enough, this vulnerability is in the factory-spec iPhone - it doesn't require it to have been jailbroken.

      So, yeah, Apple claims they're jailing your phone to protect you from bad guys and to protect the infrastructure from you, but this goes to prove that the only thing they're protecting are their (and AT&T's) pockets.

      All this from a company where the CEO's liver is replaceable, but the battery in your phone or laptop is not.

      ~ducking~

      --

      The Digital Sorceress
    2. Re:Is this why they were distracting us yesterday? by Bemopolis · · Score: 5, Funny

      All this from a company where the CEO's liver is replaceable, but the battery in your phone or laptop is not.

      The battery in the iPhone and laptop are replaceable, just not by the owner. This was also the case for Steve's liver. JOKE FAIL.
      <\memekiller>

      --
      "I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
  7. Lots can be done... by John+Whitley · · Score: 3, Interesting

    So little can be done, except power off your iPhone to avoid being hacked

    Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.

    1. Re:Lots can be done... by Anonymous Coward · · Score: 5, Insightful

      Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.

      Or, maybe the iphone SHOULDN'T EXECUTE UNTRUSTED UNSIGNED UNAUTHENTICATED CODE THAT ARRIVES BY SMS.

      Or maybe google will use this flaw to deploy google voice onto iphones now that apple banned them.

      Isn't it sad that EVERYONE ELSE has more control over the iphone than fanboi who bought it.

    2. Re:Lots can be done... by FelxH · · Score: 4, Interesting

      According to the previous article, they have found a way to send sms messages without any provider: "This method does not use the carrier and so is free (and invisible to the carrier)". So blocking at the provider level won't work unfortunately

    3. Re:Lots can be done... by TheRaven64 · · Score: 3, Informative

      Not necessarily, it just has to come over the (wireless) network. There's nothing stopping you simulating a cell tower and sending an SMS (which is just a GSM control packet) to any phone within range.

      --
      I am TheRaven on Soylent News
    4. Re:Lots can be done... by TheRaven64 · · Score: 3, Insightful

      Uh, people doing this would be sending radio signals intended to illegally take control of someone else's phone. I doubt that breaking FCC rules is going to matter to them.

      --
      I am TheRaven on Soylent News
  8. Right-click, wha? by johnthorensen · · Score: 5, Funny

    Apparently Apple was going to require *two* unusual text characters for the iPwn hack, but Steve Jobs insisted that this would be too complicated for their users.

    1. Re:Right-click, wha? by johnthorensen · · Score: 5, Funny

      Well the jerk store called, and they're running out of...[iPhone Restarting]

  9. In other news... by 6Yankee · · Score: 5, Funny

    ...sex offenders start a mass SMS-sending campaign...

    1. Re:In other news... by jmahler · · Score: 4, Funny

      i see what you did there. Awesome. :)

      Mod funny please.

      --


      --endcycle--
    2. Re:In other news... by Yvan256 · · Score: 4, Funny

      Mods: I think he was referring to the parent above him for the "mod funny" comment.

    3. Re:In other news... by Yvan256 · · Score: 4, Funny

      Mods are on crack today!

      Mod parent funny!

    4. Re:In other news... by Anonymous Coward · · Score: 5, Funny

      I modded your wife alright.

  10. That's okay. by FlyingSquidStudios · · Score: 5, Funny

    No one ever sends me SMS messages, so I'd be flattered they noticed me if I was hacked. So lonely...

    --
    http://twitter.com/OLDTELEGRAM
  11. The series of invisible characters by blind+biker · · Score: 4, Funny

    It is here:

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
  12. Won't someone think of the cell phone towers? by transporter_ii · · Score: 4, Insightful

    If this hack lets unapproved apps run, then what's going to keep the cell towers from being shut down on a massive scale? Doesn't this make Apple guilty of harming national security?

    --
    Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
  13. Why worry? by PPH · · Score: 5, Funny

    I, for on am not concrnd. It's simply a mattr of not snding that charactr. Crtainly, a company lik Appl can hav it xcludd from th alphabt. And thn w can just gt on with our livs, njoying our iPhons.

    --
    Have gnu, will travel.
  14. The Secret string is: by spydum · · Score: 5, Funny

    +++ATH0

  15. Re:Weird article. by Anonymous Coward · · Score: 4, Insightful

    This is remote code execution and extremely serious. The headline is understated for the possible severity of the impact. In other words: if Microsoft had the dominant smartphone on the market with the image the iPhone has, you know this crowd would be screaming bloody murder and piecing together fallacy-ridden freshman-level rants on monopolies.

  16. Here's what to do by yellowstone · · Score: 5, Funny

    If you survive the initial peril (the next thirty hours or so), then there are obvious procedures that can give relative safety: Do not accept High Beyond protocol packets. At the very least, route all communications through Middle Beyond sites, with translation down to, and then up from, local trade languages.

    --
    150 Opening BINARY mode data connection for slashdot.sig (129323052 bytes).
  17. Re:Beer summit by sexconker · · Score: 3, Funny

    BEEP BEEP
    I AM AC
    I AM A ROBOT
    I HAVE A ROBOT VAGINA
    BOOP

    Filter error: Don't use so many caps. It's like YELLING. I AM NOT YELLING I AM A ROBOT THIS IS HOW ROBOTS TALK BOOP

  18. Re:Well... by Kral_Blbec · · Score: 3, Funny

    a, 2, d? WTF? Back in my day we used 1, 2, 3; a, b, c; or I, II, III... Seems a person can just grab any random 3 characters to make an ordered list nowdays. Now get off my lawn.