Bug in Safari let thieves remotely control your iPhone

Okay listen, when you start safari and open a webpage, your iPhone can accept and run mailcious code without your notice. That is basically the exploit found by researchers, working for Independent Security Evaluators (ISE), a company that tests its clients’ computer security by hacking it. What they claim is that you simply injects specific malicious code to the Safari browser which can control your iPhone to let it do anything what you, as phone owner, can do. Examples: send the contact list to the attacker or steal any file on the iPhone. Let your phone vibrate and ring some ringtones. Dial a number, send a SMS or start recording audio and send it to the attacker (oldskool bug-device!). The stream below does not really proof their claim but ISE member Dr. Charlie Miller will be presenting the details of the exploit at BlackHat in Las Vegas on August 2 at 4:45. A deadline for Apple fix the problem. Here is a paper for the techguys among us.

Written by wakuwaku. Read more great feeds at is source WEBSITE
with no comments.
Read more articles on exploit and remote control and safari.

• [+] Digg: Feature this article
• [+] Del.icio.us: Bookmark this article
• [+] Furl: Bookmark this article

Related articles

• Arbitrary Code on iPhone? (November 11th, 2008)
• Creator of ZiPhone iPhone unlocker applies for job at Apple, finds a new exploit (From iPhoneWorld.ca - not for republishing) (November 3rd, 2008)
• First iPhone update only patches security holes (August 1st, 2007)
• Apple patches iPhone exploit itself , not the operator (July 27th, 2007)