iPhone SMS text message bug puts all iPhones at risk
By Will Park on Wednesday, July 29th, 2009 at 12:19 PM PST In Apple, Hottest Hardware, Research, Security, iPhone, iPhone OS
Security researchers have stumbled across an iPhone SMS bug that could be used by nefarious pranksters to “quickly take over every iPhone in the world.” If that sounds somewhat doomsday-ish, that’s because it kind of is. The iPhone SMS text message bug was discovered by Charlie Miller and his similarly-named research colleague Collin Mulliner. The iPhone bug, says Miller, exploits flaw in the way the iPhone OS processes SMS text messages. Using the exploit, hackers could send a succession of SMS text messages to an iPhone, allowing them to gain complete control of the handset. Hackers can then commandeer the iPhone to send similar text message strings to other iPhones, spreading like wildfire.
“SMS is an incredible attack vector for mobile phones,” says Miller. “All I need is your phone number. I don’t need you to click a link or anything.”
Miller and Milliner plan to reveal the SMS text message security vulnerability on Thursday at the Black Hat cybersecurity conference in Las Vegas. The duo say they’ve alerted Apple (NSDQ: AAPL) to the security hole, but the iPhone-maker has yet to release a patch to the iPhone SMS bug. Once announced to the world, the iPhone bug could potentially allow iPhones around the world to be hijacked in a very short time.
Apple, the ball’s in your court.
[Via: PCWorld]
Great article, Will. It’s interesting to think about how many people will really be affected by the bug. Less than 20 percent of smartphone users own an iPhone: http://lunchpail.knotice.com/2009/07/01/secrets-of-the-smart-phone-industry/