Security Flaw Found That Allows Control of iPhone

i_like_spam writes "The NYTimes is running a story about an iPhone flaw that has been found and documented by researchers from Independent Security Evaluators. Attackers were able to gain full control of the iPhone either through WiFi or by visiting a website with malicious code. The exploit will be demonstrated at BlackHat on Aug. 2nd at 4:45pm. Until then, 'details on the vulnerability, but not a step-by-step guide to hacking the phone, can be found at www.exploitingiphone.com, which the researchers said would be unveiled today.'"

Excellent!

[TheRaven64]

Now users of the iPhone can control their own device!

Of course, the down side is that so can everyone else...

Rut roh...

[EveryNickIsTaken]

Sounds like someone's going to be getting Apple Fanboy death threats tonight....

Re:Excellent!

[thedeadswiss]

Perhaps they should rename it yourPhone.

Re:Excellent!

[Don_dumb]

I prefer the iPwn.

Dear Author of Malicious Code

[chuckymonkey]

As a loyal Mac user and iPhone user I have to kill you.

Signed,
Mac Zealot

My life for Aiur!....errr Steve Jobs!

Stop waving that damn thing around

[pzs]

Does that mean I can take control of an iPhone remotely and deliver a brisk shock to those smug b*stards proudly brandishing their "new baby" on the train?

Peter

Re:Stop waving that damn thing around

[riffzifnab]

Should we be getting off your lawn now or is it almost time for your nap? d:

Re:Duke University

[kannibal_klown]

They already admitted that the problem wasn't with the iPhone, but Cisco's routers. I found the whole thing kind of funny.:

Dan: Our network is flaking out then crashing. We need to find the problem before the Spring semester kicks in and we're really in trouble.
George: Hmm, the iPhone just came out the other day. I doubt that's a coincidence, it must be a faulty product.
Dan: Are you sure? I haven't heard about any of these issues on other campuses or companies. I think we should look into this further.
George: Nah, it's not our problem, it's Apple's. Let them figure it out.

Re:Stop waving that damn thing around

[Ohreally_factor]

I'll make you a deal. I'll stop waving it around if you go put some pants on, grandpa.

Guess Maddox was right?

[Odonian]

http://www.thebestpageintheuniverse.net/c.cgi?u=ip hone [thebestpag...iverse.net]

Re:Rut roh...

[Ash Vince]

Nah, it is the illegitimate love child of Henry Rollins and J K Rowling

Re:Dear Author of Malicious Code

[elrous0]

[as I dowse myself with gasoline] It's all for you, Steve! IT'S ALL FOR YOU!!!

Re:Excellent!

[kai.chan]

Or better yet: iPhwn.

Re:Excellent!

[Zackbass]

It has finally happened! The time has come to plug this old graphic:

http://donkeykong.mit.edu/wiki/images/0/09/Ipwned. png [mit.edu] (NSFW for poorly drawn penis)

Re:Rut roh...

[Odin's Raven]

Sounds like someone's going to be getting Apple Fanboy death threats tonight....

I can see the commercials now...

Mac and PC walk in from opposite sides of the screen. Mac is dressed as a ninja - custom-tailored silks, authentic-looking swords, the works. PC wears his typical clothes, but in a disheveled fashion reminiscent of Michael Douglas in "Falling Down", complete with briefcase in one hand and machine gun in the other. (Although it's painfully obvious that PC's "gun" is a cheesy plastic model acquired from the local toy store.)

• Mac: Hi, I'm a Mac Fanboy death threat.
• PC: And I'm a PC Fanboy death threat.
• Mac: The other day someone claimed an Apple product was less than perfect.
• PC: Every day people say I'm no good. Every...damn...day.
• Mac: I hear ya, PC. In my case, I've assembled a multimedia production based around video clips taken while discretely stalking the person responsible, as text seamlessly scrolls past detailing the inherent superiority of the product in question and Mozart's "Dies Irae" from his "Requiem in D minor" plays in the background. (Pulls out iPhone and shows to PC - we catch glimpses of the movie and hear a snippet of music.)
• PC: I have a powerpoint slide I send the offending party. (Opens briefcase and pulls out a tattered piece of paper, hands to Mac).
• Mac: (Reading paper) Hmmmm, "U r a lozer and yu is teh suckz. Im gona hurtz u 4 ur makking fun of me. Micrsfort rulez!" Yes, that should certainly make an impression. Nice use of the WingDings font for the dagger.
• PC: Thank you. Some people think I'm limited to boring text, but I do have access to some pretty snazzy graphics.
• Mac: Yes, I've never seen anything quite like it. Oh well, I'm off to infiltrate the home of the person who offended me, silently scaling the outside wall, entering through an open skylight, and performing a triple-backflip as I drop to the floor, where I'll leave my threat nestled in a bouquet of lotus flowers.
• PC: (Rolls eyes, clearly unimpressed.) Whatever. I'm going to catch the midtown bus, and nail my threat to the person's front door. And if they give me any lip, I've got this!
• (PC brandishes toy gun, pulls trigger. Gun plays a few seconds of 80s-era laser sounds, which trail off as the batteries die.)
• PC: Darn, why does this always happen? Now I've got to get a new weapon.
• Mac: Do you want to call a few places, see what's in stock? (Offers iPhone to PC)
• PC: Thanks, I ... (starts to reach for iPhone, changes mind.) Ummm, no, actually I'm good. Everything's just fine. Okay, gotta go.
• (PC shuffles dejectedly offscreen. Mac watches PC leave, then does a backflip out of frame.)

An iPatch?

[Anonymous Coward]

If Apple releases an iPatch, does that mean they support piracy? Arrrrrr, avast ye LAN-lubbers!

Re:no wonder they don't allow programming the thin

[PolarIced]

Here are some more examples of Symbian security (apparently their first priority):

1. The phone randomly locks up and/or turns off - this fools 3v1L hackers.
2. Won't connect to most Bluetooth devices - keeps hackers out. Very clever!
3. When syncing contacts, it mixes up all the fields so that an 3l33t hacker won't be able to make sense of them. You won't either, but at least you're safe.
4. Apparently has a built-in function to slow all operations to a C...R...A...W...L... - this prevents hackers from using high speed automated systems to hack your phone. Ingeneous!

Signed,
A proud owner of a Cingular Nokia (Swedish for moose dung) phone.

PS - Hack my phone. I dare you! Whoops . . . wait a minute. Let me reset it first.

Re:Duke WAS NOT Apple's fault

[scribblej]

Parent is modded "+ Interesting" because it's someone admitting he was wrong on Slashdot... should be modded "+ LastChanceToSee"...