SMS flaw mars super-secure iPhone

Posted on 3 Jul 2009 at 11:54

The iPhone is vulnerable to a security flaw in SMS text messaging that could allow an attacker to remotely install and run unsigned software code with root access.

Charlie Miller, who has uncovered a number of OS X vulnerabilities, told a security conference that an attacker can exploit a flaw in the way the iPhone handles text messages to carry out all kinds of mischief, from tracking the location of the handset via GPS to activating the microphone or camera to carry out remote eavesdropping or surveillance.

Miller has informed Apple and agreed not to reveal details of the exploit. Apple is working on a patch that may be delivered with the OS 3.1 update that is currently being beta tested by developers.

This SMS weakness aside, the iPhone OS is remarkably secure, Miller told the conference, even more so that the full version of OS X running on Macs. Removing third-party tools such as Java and Flash helps, he said, as does the iPhone’s integral hardware-based protection and ability only to run software that has been approved by Apple.

Author: Simon Aughton

Get more reviews, tutorials and in-depth advice, every month with Computer Shopper.
Click here to try 3 issues for £1

< Previous News : Mobile phones Next >

Be the first to comment on this article

You need to Login or Register to comment.