iPhone Vulnerability Yields Root Access Via SMS 186
snydeq writes "Pwn2Own winner Charlie Miller has revealed an SMS vulnerability that could provide hackers with root access to the iPhone. Malicious code sent by SMS to run on the phone could include commands to monitor location using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a DDoS attack or botnet, Miller said. Miller did not provide detailed description of the SMS vulnerability, citing an agreement with Apple, which is working to fix the vulnerability in advance of Black Hat, where Miller plans to discuss the attack in greater detail. 'SMS is a great vector to attack the iPhone,' Miller said, as SMS can send binary code that the iPhone processes without user interaction. Sequences can be sent to the phone as multiple messages that are automatically reassembled, thereby surpassing individual SMS message limits of 140 bytes."
Wonder how this goes together .. (Score:3, Insightful)
Wondering if this can be combined with iPhone's ability to heat red hot while in your pocket
Can't Carriers Stop this? (Score:4, Insightful)
So I assume a buffer overflow? (Score:1, Insightful)
Wow, buffer overflows in 2009.
I guess ARM needs to implement No Execute Bit in their CPUs. You can't protect against dumb programmers.
If it wasn't a buffer overflow, then how in the name of all that is chocolate did some binary data get to be executable?!
--
Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment.
It's been 13 minutes since you last successfully posted a comment
LOL.
Run up your bill too (Score:4, Insightful)
Nice little dDos attack device, with one hell of a use fee at the end of the month ...
Well there's your problem! (Score:5, Insightful)
"as SMS can send binary code that the iPhone processes without user interaction"
Why is it even possible to send raw binary? Shouldn't it allow only a heavily-filtered subset of characters?
Re:Ouch! (Score:5, Insightful)
Who the fuck though it would be a good idea to automatically execute the content of a message you have no control over whatsoever?
SMS? (Score:1, Insightful)
Re:Ouch! (Score:3, Insightful)
Yeah, because the same happened in the webserver market. Apache installations get rooted every single minute.
Re:Seems to affect other smart phones as well ... (Score:3, Insightful)
No learn to read. The second link says that they have technology to send an SMS Message to a phone without needing a carrier. It doesn't say anything about exploiting bugs in the handling of the SMS Message.
Cancel Texting (Score:4, Insightful)
I recently canceled texting completely on my iPhone 3GS. Texting fees are outrageous and I'm not putting up with them anymore. If you want to text me, send it to my email address. Your phone probably supports texting to an email address and you don't even realize it. You can also reply to free texts I send you and I get notified instantly.
Sure, I can't receive texts sent to my phone number, but that's a sacrifice I'm willing to make if I'm going to help my country kick this ridiculous habit of overpaying for tiny emails.
Re:Can't Carriers Stop this? (Score:5, Insightful)
It's not the carrier's responsibility to look at all SMS messages going through their system and filter them out, it's the iPhone's responsibility to not execute untrusted code in the first place. If this was a Microsoft device that's exactly what people would be saying.
Re:Well there's your problem! (Score:3, Insightful)
Apple bashers seemingly have one thing in common: they are inordinately smug c*** suckers
I thought that's the one thing that Apple fanbois had in common... now I'm confused.