1. berryite's Avatar
    Original article here ---> BBC NEWS | Technology | Apple to fix iPhone security flaw

    Apple to fix iPhone security flaw

    Apple is set to release a software patch to address a recently described security flaw in the iPhone, the UK network operator 02 has said.

    Experts revealed on Thursday that modified SMS messages could result in iPhones being disconnected from the network or hijacked altogether.

    Phones incorporating the Windows Mobile and Google Android operating systems are also vulnerable, they said.

    An O2 spokesperson said the patch would be available Saturday through iTunes.

    "We will be communicating to customers both through the website and proactively," the spokesperson added.

    "We always recommend our customers update their iPhone with the latest software and this is no different."

    Access all areas

    Charlie Miller and Collin Mulliner told the Black Hat conference in Las Vegas that the hack works by slightly modifying the data - sent by the network and which the user does not see - that arrives as part of a text message.

    The system that processes such messages is similar across different operating systems and can, once compromised, gain access across a range of applications including a phone's address book or camera.

    The team say that hackers could develop programs to exploit the weakness in as little as two weeks, but told the conference that publicising the means of attack was necessary to ensure the problem was addressed.

    "If we don't talk about it, somebody is going to do it silently. The bad guys are going to do it no matter what," Mr Mulliner, an independent security expert, said.

    The team wrote software to exploit the weakness, targeting iPhones on four networks in Germany as well as AT&T in the US. However, they believe it would work equally well in any country.

    The approach is particularly dangerous because messages are delivered automatically, and users cannot tell that they have received the malicious code.

    The problem could be fixed by directly patching the vulnerability in smartphones' operating systems, or the network providers could scan for messages that look to be trying to gain access to phones via the malicious code.

    The researchers said they had informed Google of the hack and that the company had already taken steps to address the problem.

    The Black Hat gathering, part of a leading series of conferences for information and computer security experts, took place from 25 to 30 July.

    Apple were not available to comment on the flaw.
    07-31-09 12:40 PM
  2. stuaw11's Avatar
    You just LOVE to try to find every negative thing you can find

    http://forums.crackberry.com/f99/sms...mation-282687/

    http://forums.crackberry.com/f99/iph...y-flaw-282666/

    I guess you cant figure out how to use search either or considering theyre on this SAME page of the subfourm
    Last edited by stuaw11; 07-31-09 at 12:54 PM.
    07-31-09 12:50 PM
  3. berryite's Avatar
    You just LOVE to try to find every negative thing you can find
    BBC breaking news. Kinda hard to miss it.

    Still over emotional I see. Relax. You'll live longer.
    07-31-09 12:55 PM
  4. Card Storm's Avatar
    although there is one thread in every category about this same topic ill let this slide since it is the only one that talks about the solution to the problem. Bye bye
    07-31-09 01:00 PM
  5. berryite's Avatar
    although there is one thread in every category about this same topic ill let this slide since it is the only one that talks about the solution to the problem. Bye bye
    I know that Forbes Magazine is considered a radical operation in this forum. I'm glad to know that we haven't crossed the BBC off as a fringe organization too.
    07-31-09 01:03 PM
LINK TO POST COPIED TO CLIPBOARD