iPhone Attacks Imminent

***phernandez*** · April 18th, 2008, 03:08 PM

What, like it wasn't bound to happen?

Safari Vulnerability Leaves Apple iPhone Open To Attack - CRN

Security experts say that the design flaw, which was detected by researchers at application delivery solutions company Radware earlier this week, triggers a series of memory allocation operations on the memory pool, which in turn triggers another bug in the garbage collector.

In order to exploit the vulnerability, a user would have to open a malicious HTML page containing javascript, usually through some kind of social engineering tactic such as phishing e-mail. Researchers said that in a worst case scenario, the user will experience an application level denial of service attack that could result in a complete crash of the Safari browser. The crashed browser could ultimately escalate the malfunction to the point of paralyzing the entire iPhone appliance.

There's a great quote from a Radware manager that will have more than one of you nod in agreement.

**The-Spec** · April 18th, 2008, 06:03 PM

However, that will likely change as the iPhone becomes more popular and marketshare increases, experts say.

There hasn't been very much going for PDA's and yet they've been around for a good number of years now. At best, this looks like a slow couple of months for articles.

***oofki*** · April 18th, 2008, 09:16 PM

Mac software buggy? NO WAY! Ask the mac fanboys they will tell you how perfect it is...

***phernandez*** · April 18th, 2008, 10:53 PM

Trying to start a flamewar, are we?

***oofki*** · April 19th, 2008, 02:57 AM

Haha oops! :-P

**isildur** · April 19th, 2008, 03:40 AM

and remember, it's not a bug, it's a feature.

***oofki*** · April 20th, 2008, 06:46 AM

Haha of course

***JPnyc*** · April 20th, 2008, 04:52 PM

I somehow doubt there'll be a fullscale war waged on any type of handheld devices, iphones or any other variety. Where's the motivation? Someone compromises a system for 1 of 3 main reasons: For prestige, to create a spam zombie, or to steal sensitive info.

The prestige aspect won't fly because unlike hacking into a server that hosts some page, you can't demonstrate that you've hacked into a phone. How would anyone else know you've done it, other than the owner of course?

Spam networks want to infect something that's online a lot, preferably a broadband user who rarely shuts down. Handhelds are off a lot more than they're on.

As for sensitive info, I dunno anyone who accesses their bank accts. or similar sites, with a wireless device. Maybe there are lots, and I just don't know 'em.

**isildur** · April 20th, 2008, 05:08 PM

Originally Posted by JPnyc

As for sensitive info, I dunno anyone who accesses their bank accts. or similar sites, with a wireless device. Maybe there are lots, and I just don't know 'em.

Ah, but you would be able to see how many times I searched for busy blondes on Youtube ;-)

***JPnyc*** · April 20th, 2008, 08:32 PM

OK, so your wife has motivation to hack into your iphone

Thread: iPhone Attacks Imminent

Thread Tools

Display

iPhone Attacks Imminent

Similar Threads

Tcp/ip

Posting Permissions