iPhone Attacks Imminent

Printable View

April 18th, 2008, 03:08 PM
phernandez

iPhone Attacks Imminent

What, like it wasn't bound to happen? ;)

Safari Vulnerability Leaves Apple iPhone Open To Attack - CRN

Quote:

Security experts say that the design flaw, which was detected by researchers at application delivery solutions company Radware earlier this week, triggers a series of memory allocation operations on the memory pool, which in turn triggers another bug in the garbage collector.

In order to exploit the vulnerability, a user would have to open a malicious HTML page containing javascript, usually through some kind of social engineering tactic such as phishing e-mail. Researchers said that in a worst case scenario, the user will experience an application level denial of service attack that could result in a complete crash of the Safari browser. The crashed browser could ultimately escalate the malfunction to the point of paralyzing the entire iPhone appliance.

There's a great quote from a Radware manager that will have more than one of you nod in agreement.
April 18th, 2008, 06:03 PM
The-Spec

Quote:

However, that will likely change as the iPhone becomes more popular and marketshare increases, experts say.

There hasn't been very much going for PDA's and yet they've been around for a good number of years now. At best, this looks like a slow couple of months for articles.
April 18th, 2008, 09:16 PM
oofki

Mac software buggy? NO WAY! Ask the mac fanboys they will tell you how perfect it is...
April 18th, 2008, 10:53 PM
phernandez

Trying to start a flamewar, are we? :)
April 19th, 2008, 02:57 AM
oofki

Haha oops! :-P
April 19th, 2008, 03:40 AM
isildur

and remember, it's not a bug, it's a feature.
April 20th, 2008, 06:46 AM
oofki

Haha of course
April 20th, 2008, 04:52 PM
JPnyc

I somehow doubt there'll be a fullscale war waged on any type of handheld devices, iphones or any other variety. Where's the motivation? Someone compromises a system for 1 of 3 main reasons: For prestige, to create a spam zombie, or to steal sensitive info.

The prestige aspect won't fly because unlike hacking into a server that hosts some page, you can't demonstrate that you've hacked into a phone. How would anyone else know you've done it, other than the owner of course?

Spam networks want to infect something that's online a lot, preferably a broadband user who rarely shuts down. Handhelds are off a lot more than they're on.

As for sensitive info, I dunno anyone who accesses their bank accts. or similar sites, with a wireless device. Maybe there are lots, and I just don't know 'em.
April 20th, 2008, 05:08 PM
isildur

Quote:

Originally Posted by JPnyc

As for sensitive info, I dunno anyone who accesses their bank accts. or similar sites, with a wireless device. Maybe there are lots, and I just don't know 'em.

Ah, but you would be able to see how many times I searched for busy blondes on Youtube ;-)
April 20th, 2008, 08:32 PM
JPnyc

OK, so your wife has motivation to hack into your iphone :D