|
IPhone SMS "hack"
I have read in a few reputable and not so reputable lcations that there is a major SMS security flaw in the iPhone 3.X software. It would potentially allow someone to hijack many phone functions including spamming other phones with SMS and infecting them as well. Allegedly this can be done wihout the knowledge of the phone user and without the use visitng any malware infected websites. A few sources indicate that apple is aware of the flaw and have failed to act to fix it for over a month.
I wanted to know if anyone here has head anything about this and if people knwo or think it is a real threat. I can't find a whisper about it on anything officially apple and a few sites I regularly visit which have frequent apple news haven't mentioned this even to dismiss it. anyone have any ideas? Is this a bad Internet rumor or should I be turning off my phone? Thanks as always, titled comrades. |
I seen it come up almost a month ago on Engadget.
It is getting more press now because the guy who found the hack is revealing it to the world at Black Hat conference today. Here is a link to the Endgadget article from July 2 Apple patching nasty iPhone SMS vulnerability |
The patch (3.0.1) was released yesterday or the day before.
|
As Psycho Dad said, it has been released. Check for Software Update in iTunes - the notes specifically say "Fixes SMS hack", IIRC.
|
The hack is real and is quite disturbing. Also it was just released today that apple keyboards can fairly easily be hacked on the hardware side to log all keystrokes. This means someone could unplug your keyboard, apply the hack, plug your keyboard back in and you would not know what is going on. They would need no login access to the computer.
|
Quote:
SAY WHAT?!?! Since when does the iPhone have a keyboard you can unplug?!?!?! |
I think he means the ones for Macs. This is worrying:
Apple Keyboards Vulnerable to Firmware Hack I might look around for a third-party Mac keyboard... |
If you've got physical access, you can plug a physical keylogger in. More detectable, if you're looking, but easier. In the security world, once somebody's got physical access, you've already lost the game.
|
Quote:
1) University Labs, log into a public terminal and your login credentials are saved. Gaining physical access to this would be simple. 2) Individuals could easily buy brand new mac keyboards, reflash them, and then sell them as new either in a shop, on ebay, etc. Even worse employees for the manufacture could do this during the manufacturing process. The problem with this hack is the peripheral itself which is generally a trusted device can be reprogrammed to do very bad things and no one would know better. |
Tampered returns and manufacturing were my first thoughts when I heard about it. That's a pretty big fucking deal, though. I don't know how Apple leaves such huge holes sometimes.
|
Besides me not using a mac.
Physical access is something no one gets around here, NO one and I mean NO ONE touches my computer. Wife included. |
| All times are GMT -8. The time now is 05:44 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project