Al writes "Two researchers have found a way to run unauthorized code on an iPhone remotely. This is different from 'jailbreaking', which involves having physical access to the device. Whereas normally applications have to be signed cryptographically by Apple in order to run, Charles Miller of Independent Security Evaluators and Vincenzo Iozzo from the University of Milanfound more than one instance in which Apple failed to prevent unauthorized data from executing. This means that a program can be loaded into memory as a nonexecutable block of data, after which the attacker can essentially flip a programmatic switch and make the data executable. The trick is significant, say Miller and Iozzo, because it provides a way to do something on a device after making use of a remote exploit. Details will be presented next month at the Black Hat Conference in Las Vegas." Link to Original Source
This discussion was created for logged-in users only, but now has been archived.
No new comments can be posted.
Hackers Open Up the iPhone's OS 0 Comments More Login /
Get More Comments