iPhone attack via text message disclosed

Article about iPhone SMS hackiPhone’s vulnerability to SMS attack revealed.

Charlie Miller revealed an attack on Apple iPhones that is launched simply by sending an iPhone a text message. (Also called SMS message.)
Mr. Miller is discussing this vulnerability at the ongoing annual Defcon / Black Hat conference in Las Vegas. He claims that possible damage ranges from a simple crash, through hijacking of all phone functions, to broadcast of the malicious text to all numbers in the iPhone’s contacts list. (It sounds like another buffer overrun vulnerability: the device gags as it tries to process more data than it can handle, and sends the CPU’s instruction pointer to an undefined address in memory . . . where apparently malicious code awaits.)
Mr. Miller notified Apple of the vulnerability, and Apple is presumed to be working on a patch. Supposedly they’ve known of the vulnerability for weeks, yet they’ve made no official statement on this topic.
In the meantime, iPhone users are urged to look for text messages that end with a single square character: if an iPhone user receives such a mesage, he/she is urged to immediately turn off the iPhone. (If it were me, I’d remove the battery . . . oops! You can’t, on an iPhone.)
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s