0

According to a report at The Register Apple is failing to keep iPhone software up to date with security patches. This despite the iPhone 1.1.4 software being nothing more than a "pared-down version of Mac OS 10.5" it says.

The Jesus Phone is said to be vulnerable to a number of exploits which have been patched pretty damn quickly in desktop software. The article refers specifically to the Apple WebKit vulnerability which uses a bug that was present in some versions of Safari to allow data theft from the iPhone. Miller successfully demonstrated this in March during the CanSec West security conference.

Successfully enough to win $10,000 in the Pwn to Own competition there at any rate.

Miller has a tool to exploit the vulnerability on the iPhone which, after having clicked on a malicious link of course, the user of the handset could find outgoing calls being made by he attacker as well as data being compromised.

Other security researchers are warning of more to come, including one uncovered by Aviv Raff which can allow phishing attacks using the iPhone. Raff is not publishing details as he waits for an Apple patch to emerge.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

2
Contributors
1
Reply
2
Views
10 Years
Discussion Span
Last Post by linux
0

The iPhone security will always be a target for hacks, as it is such a great breakthrough; people want more.

Check out Jailbreaking, Pwning, etc. your iPod touch and iPhone -- it won't stop with the 1.1.* era of Firmwares; 2.0*+ will also be hacked.

It's just how computing works. People have been finding exploits and hacks in hardware and software since when computers were first invented.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.