iPhone Exploits Discovered



iphone dead

Researchers for Independent Security Evaluators have discovered two security vulnerabilities in the Apple iPhone. The vulnerabilities are found in the Safari browser through a method called “fuzzing”.

The first exploit requires the user to surf a maliciously coded website using the Safari browser. As soon as the user gets there, all tje data inside the device such as call history, voice mail information, SMS texts, contact information, e-mails, browser’s history and even passwords could be accessed and collected by the remote attacker.

The second exploit which was developed by the researchers themselves, also requires the user to visit a maliciously coded website. What the exploit does is cause the iPhone to vibrate and play a system sound. This exploit is also capable of making the iPhone send a text message, dial a phone number, turn on the microphone enabling the remote attacker to eavesdrop on any ongoing conversations.

Apple has been informed of the iPhone exploits and researchers have provided a patch that most likely will be included in a firmware update.

If you own an iPhone, here are some safety measures you can take:

  • Only visit sites you trust.
  • Only use WiFi networks you trust.
  • Don’t open web links from emails.

You can read the general information regarding the exploits here. Full disclosure of the iPhone exploits will be presented at the BlackHat convention in Las Vegas next month.

[image source: flickr.com/photos/sketch22]


Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Google+, Facebook or Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.