Slashdot Mirror

← Back to Stories (view on slashdot.org)

Palm WebOS Hacked Via SMS Messages

Posted by Soulskill on from the and-a-sausage dept.

gondaba writes "Security researchers at the Intrepidus Group have hacked into Palm's new WebOS platform, using nothing more than text messages to exploit a slew of dangerous web app vulnerabilities. The white hat hackers found that the WebOS SMS client did not properly perform input/output validation on any SMS messages sent to the handset, leading to a rudimentary HTML injection bug. Coupled with the fact that HTML injection leads directly to injecting code into a WebOS application, the attacks made possible were quite dangerous (especially considering they could all be delivered over an SMS message)."

5 of 99 comments (clear)

  1. Lol by Codename+Dutchess · · Score: 2, Funny

    These are always my favorite posts to read. Nothing like hiring 12 year olds to code your software.

    1. Re:Lol by FatdogHaiku · · Score: 2, Funny

      Obligatory XKCD

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    2. Re:Lol by Anonymous Coward · · Score: 1, Funny

      Obligatory post pointing out that nobody cares what an AC says ... including this post.

    3. Re:Lol by bhtooefr · · Score: 2, Funny

      Obligatory post pointing out that funny doesn't give karma.

  2. Re:WebOS 1.4 by X0563511 · · Score: 2, Funny

    Indeed. I actually jumped into the developer's IRC channel to check in on this, and one of them told me about it being fixed already.

    I felt like an ass. Thanks, Slashdot.

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...