Μετάβαση στο περιεχόμενο


Φωτογραφία
* * * * - 1 ψήφοι

Apple working to fix unreleased iPhone SMS exploit


  • Παρακαλούμε συνδεθείτε για να απαντήσετε
4 μηνύματα σε αυτό το θέμα

#1   epaminos

epaminos

    iPH Contributor

  • 1.546 μηνύματα
  • Twitter:@epaminos
  • Φύλο: Άντρας
  • Κινητό: iPhone 7 Plus
  • Tablet:iPad Air 2 +4G
  • GameCenter:epaminos

Δημοσίευση 02/07/2009 - 23:33

Tipped off by a Mac OS X security expert, Apple is working to repair a serious security flaw in the iPhone’s operating system – one that could allow an attacker to track the phone’s location via GPS, eavesdrop on conversations via the microphone, or create a mobile bot net capable of unleashing denial of service attacks.

The attack takes advantage of a vulnerability in the phone’s short messaging service, or SMS, feature, allowing an outside party into the phone’s root access without the owner’s knowledge. Security researcher Charles Miller, co-author of The Mac Hacker’s Handbook, announced his discovery Thursday at the SyScan Conference in Singapore, according to Computerworld.

Apple plans to have the fix released later this month, before Miller gives his scheduled speech at the Black Hat Technical Security Conference in Los Angeles. At the July 25-30 conference, Miller will be joined by Colin Mulliner for a talk entitled “Fuzzing the Phone in Your Phone,” which will show attendees how to discover vulnerabilities in a variety of smartphones.

Miller has not specifically detailed how the SMS exploit is done, citing an agreement with Apple. But he will discuss the attack in length at the Black Hat conference.

The exploit takes advantage of the fact that SMS can send binary code to an iPhone. That code is automatically processed without user interaction, and can be compiled from multiple messages, allowing larger programs to be sent to a phone.

For a widely-adopted platform, Apple’s iPhone has had remarkably little in the way of discovered vulnerabilities in its short history. In 2007, a security firm – including Miller – notified Apple of the phone’s first security flaw, soon after the hardware had been released. It was subsequently fixed by Apple.

Miller said that the iPhone’s stripped-down version of OS X makes it more secure than the full-fledged operating system. And because it lacks support for Adobe Flash and Java, isolates individual applications from one another, and only allows software that has been digitally signed by Apple, it is less likely to have security flaws than a full-form computer.

[Via appleinsider]

Ad

Ad

Team
iPhoneHellas
3,1416 μηνύματα
Twitter: @android
Φύλο: Όπως το δει κανείς
Κινητό: Android
Tablet: Για τα κουνούπια

Γιατί να γίνετε μέλη;

#2   GodLess

GodLess

    iPH User

  • 101 μηνύματα
  • Φύλο: Άντρας

Δημοσίευση 03/07/2009 - 15:01

Άρα παιζει να έχουμε ως τέλη ιουλίου νέα έκδοση..

#3   epaminos

epaminos

    iPH Contributor

  • 1.546 μηνύματα
  • Twitter:@epaminos
  • Φύλο: Άντρας
  • Κινητό: iPhone 7 Plus
  • Tablet:iPad Air 2 +4G
  • GameCenter:epaminos

Δημοσίευση 03/07/2009 - 15:26

Ακριβώς!!!

#4   WizeMan

WizeMan

    iPH Enthousiast

  • 539 μηνύματα
  • Φύλο: Άντρας

Δημοσίευση 03/07/2009 - 17:35

Παίζει να είναι και ψέμα για να βάλουμε όλοι την 3.1 στην οποία μπορεί να κλείσουν τρύπες για JB - Unlock

#5   iPodTouchPro

iPodTouchPro

    iPH Elite Poster

  • 3.187 μηνύματα
  • Φύλο: Άντρας

Δημοσίευση 06/07/2009 - 09:53

Και αυτό σωστό!! Καλά ότι θα κλείσουν είναι σίγουρο. Πως και δεν έδωσαν τη γνωστή δικαιολογία: "Bug fixes" ?




Χρήστες που διαβάζουν αυτό το θέμα: 0

0 μέλη, 0 επισκέπτες, 0 ανώνυμοι χρήστες