New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Apple Rumors and Reports Discuss what's going on with Apple in this forum

iPhone vunerability with text messages.


Post Reply New Thread Subscribe

 
Thread Tools
god0fgod

 
god0fgod's Avatar
 
Member Since: Jun 24, 2008
Posts: 196
god0fgod is an unknown at this point
Mac Specs: Macbook White 2.13Ghz 160GB 10.6.4 (Buggy Version :() Snow Leopard

god0fgod is offline
http://news.sky.com/skynews/Home/Tec...as_Conference_

Quote:
9:07am UK, Thursday July 30, 2009 Hackers could take over your iPhone, according to security researchers who say Apple is aware of the problem. Apple have not released a patch to stop a hacker controlling the iPhone

And the method is chillingly simple - a text message containing one square character .Charlie Miller and Collin Mulliner say they have found a flaw in the way the phones handle text messages, which could allow hackers complete control of the handset.The hack would come in the form of a burst of SMS messages which contain a single character.They would let the hacker control dialling the phone, visiting websites, the phone's camera and also sending texts to other iPhones, allowing control of them as well.Mr Miller said: "This is serious. The only thing you can do to prevent it is turn off your phone."Someone could pretty quickly take over every iPhone in the world with this."Mr Mulliner told Sky News Online: "In the business world this could have high value, if you could stop decision makers making or receiving phone calls."Mobile security is really taking off so we are just the first to discover this bug. There is no way this would have stayed secret."Mr Miller will reveal the flaw in the Apple phone during a speech to the Black Hat cybersecurity conference today.He claims to have told Apple about the potential bug over a month ago, but the company still hasn't released a patch to combat the potential hacks.
QUOTE Thanks
d3bruts1d

 
Member Since: Feb 18, 2009
Location: Knoxville, TN
Posts: 10
d3bruts1d is on a distinguished road
Mac Specs: Mac Mini - C2D 1.83GHz, 2GB, 320G HDD

d3bruts1d is offline
I saw this yesterday on every news and tech blog out there. While it sounds simple, it's not exactly one text message and you are hacked. According to the article on Forbes the attack requires "a series of 512 SMS messages can exploit the bug, with only one of those messages actually appearing on the phone, showing a small square".

I'm still not sure which is worse... having someone hack your iPhone, or the extra fees that you'll receive from your carrier (mainly AT&T) for exceeding your SMS allotment.

You'd think though this could be something the carriers could filter for at their level, without requiring an update from Apple. Hopefully both parties will work on this issue.

The same hacker has also reported that a similar unpatched flaw exists in Windows Mobile.

d 3 b r u t s 1 d
QUOTE Thanks
Davcoccio

 
Davcoccio's Avatar
 
Member Since: Jun 18, 2009
Location: Paris
Posts: 38
Davcoccio is on a distinguished road
Mac Specs: MacBook White 2GB

Davcoccio is offline
This is pretty serious... I mean, just the fact that an iPhone is hackable!!

Can someone can explain how it works? like what are those hacking SMS? what are the steps that hackers have to achieve before completely hacking an iPhone?

QUOTE Thanks
Notopi

 
Notopi's Avatar
 
Member Since: Jun 14, 2009
Posts: 29
Notopi is on a distinguished road

Notopi is offline
Source: iPhone Virus

An iPhone hacker, Charlie Miller will release the world’s first iPhone virus today. He discovered an SMS hack 6 weeks ago and reported it to Apple, but Apple has yet to release a patch. Miller and his fellow cybersecurity researcher Collin Mulliner will both explain and reveal their iPhone SMS exploit some time today at the Blackhat cybersecurity conference in Las Vegas.

How does the SMS hack work?

Firstly, this hack does not require the victim to download any file. The attacker only needs to know the victim’s phone number. Miller says the attack is enabled by a serious memory corruption in the way the iPhone handles SMS messages. For the attack to work, an attacker must send hundreds of SMS control messages (different from regular SMS messages) and only the initial SMS will be seen. This attack works on both the iPhone and the Andoid. What does the iPhone SMS hack do? This hack can allow the attacker to make calls from your iPhone, steal your data, send text messages, and also spread the attack to other iPhones in your address book.

How to recognize and avoid the iPhone virus

If you get a strange text message containing any square box, even if it’s from a recognized number you may be the victim of the iPhone virus.

You have two choices:
Put your iPhone in Airplane mode: Go to Settings -> Airplane Mode and slide the button to Off.
Hold down the power button, and slide to turn your iPhone off.

* Moderators could you post this thread in the News or Announcement Thread?
* Please feel free to twitter this! Thank you!
QUOTE Thanks
Davcoccio

 
Davcoccio's Avatar
 
Member Since: Jun 18, 2009
Location: Paris
Posts: 38
Davcoccio is on a distinguished road
Mac Specs: MacBook White 2GB

Davcoccio is offline
Yeah this is pretty serious!! Hope it's not going to spread that much!! and I really hope Apple will do something about it!!

QUOTE Thanks
god0fgod

 
god0fgod's Avatar
 
Member Since: Jun 24, 2008
Posts: 196
god0fgod is an unknown at this point
Mac Specs: Macbook White 2.13Ghz 160GB 10.6.4 (Buggy Version :() Snow Leopard

god0fgod is offline
It's probably a simple fix. I'm sure Apple will release a patch soon enough.
QUOTE Thanks
Ballr24

 
Member Since: Jul 09, 2009
Posts: 239
Ballr24 is an unknown at this point
Mac Specs: 13 Inch Apple MacBook Pro; 2.40 GHZ, 4GB Ram, 250GB HDD

Ballr24 is offline
yeah i agree, i didnt get anything so far......
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,625
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by Ballr24 View Post
yeah i agree, i didnt get anything so far......
Nor will you any time soon. It's a proof of concept virus, not released to the general public. Doing so would be a criminal act.

Of course, sensationalists will read into what's not there - and by the time someone less conspicuous tries to take advantage of the hole, it will probably be patched.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
gegreen

 
Member Since: Jul 30, 2009
Posts: 1
gegreen is on a distinguished road

gegreen is offline
Quote:
Originally Posted by cwa107 View Post
Nor will you any time soon. It's a proof of concept virus, not released to the general public. Doing so would be a criminal act.

Of course, sensationalists will read into what's not there - and by the time someone less conspicuous tries to take advantage of the hole, it will probably be patched.
Apple is very cautious about security of the iPhone. Your chances of seeing an in the wild virus for an iPhone are slim. The whole way Apple has approached it limits what even very smart hackers can do. You're much more likely to find a vulnerability on a pre or a Windows Mobile phones because they cave to any developer whim and leave so much more open.
QUOTE Thanks
god0fgod

 
god0fgod's Avatar
 
Member Since: Jun 24, 2008
Posts: 196
god0fgod is an unknown at this point
Mac Specs: Macbook White 2.13Ghz 160GB 10.6.4 (Buggy Version :() Snow Leopard

god0fgod is offline
I have already posted this and it's not a virus, it's a discovery.
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,625
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by god0fgod View Post
I have already posted this and it's not a virus, it's a discovery.
Yes you did. Sorry about that, threads merged.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,625
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
UPDATE:

BBC NEWS | Technology | Apple to fix iPhone security flaw

In short, this is a non-issue as I suspected earlier.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,625
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Another Update, 3.0.1 is now released and patches the problem.

http://www.macdailynews.com/index.ph...iphone_os_301/

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
god0fgod

 
god0fgod's Avatar
 
Member Since: Jun 24, 2008
Posts: 196
god0fgod is an unknown at this point
Mac Specs: Macbook White 2.13Ghz 160GB 10.6.4 (Buggy Version :() Snow Leopard

god0fgod is offline
Google have apparently done the same but what about Windows Mobile?

I'm guessing Microsoft don't care.
QUOTE Thanks
soccerphysio

 
Member Since: Apr 17, 2008
Posts: 154
soccerphysio is on a distinguished road

soccerphysio is offline
Has anyone had any problems with the upgrade? I just attempted to download the latest upgrade to my 3G. When I returned to my computer, it said that there was an error and the upgrade could not be completed. I had to do a soft reset of my phone, but when it comes on, all I get is a white screen, and then it shuts down again. What is going on? Can anyone help?!!!!
QUOTE Thanks

Post Reply New Thread Subscribe


« Any knowledge about being able to buy HD movies from iTunes in UK? | Google Chief, Eric Schmidt Steps Down from Apple's Board »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

All times are GMT -4. The time now is 08:40 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?