The mobile operators are commonly responsible to patch flaws and bugs of mobile phones. Apple left this right as (software)manufacturer open. According to IDGnews, patching the iPhone flaw would also show that Apple had made the right decision in reserving the right to patch the phone itself instead of handing over control of the iPhone software to the mobile carrier companies, as is common practice with mobile phones.
Carriers have been slow to patch devices, even when they have known bugs, said Robert Graham, CEO of Errata Security Inc. “Right now other smart phones are full of vulnerabilities and they are not getting patched,” he said. “This is actually a good test to see if Apple can do this better than the mobile carriers.”
Written by wakuwaku on July 27th, 2007 with no comments.
Read more articles on ATT and exploit and remote control and safari.
Okay listen, when you start safari and open a webpage, your iPhone can accept and run mailcious code without your notice. That is basically the exploit found by researchers, working for Independent Security Evaluators (ISE), a company that tests its clients’ computer security by hacking it. What they claim is that you simply injects specific malicious code to the Safari browser which can control your iPhone to let it do anything what you, as phone owner, can do. Examples: send the contact list to the attacker or steal any file on the iPhone. Let your phone vibrate and ring some ringtones. Dial a number, send a SMS or start recording audio and send it to the attacker (oldskool bug-device!). The stream below does not really proof their claim but ISE member Dr. Charlie Miller will be presenting the details of the exploit at BlackHat in Las Vegas on August 2 at 4:45. A deadline for Apple fix the problem. Here is a paper for the techguys among us.
Written by wakuwaku on July 23rd, 2007 with no comments.
Read more articles on exploit and remote control and safari.
