funsec mailing list archives

Re: How to hijack 'every iPhone in the world'

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Fri, 31 Jul 2009 18:12:34 +0300 (EEST)

Details are being covered at
http://www.theregister.co.uk/2009/07/31/smart_phone_hijacking/

"....
The bug resides in CommCenter, a service that's responsible for handling SMS, wireless and other functions in the 
iPhone.
By default, it runs as root and isn't limited by an application sandbox. That makes it an ideal vector for taking 
control of the device.
What's more, the messages are delivered automatically and often aren't easy for users to block.
...."

Juha-Matti

der Mouse [mouse () rodents-montreal org] kirjoitti:

"On Thursday, two researchers plan to reveal an unpatched iPhone bug
that could virally infect phones via SMS.  [...]


Any betting Apple manages to get them gagged before they can present? :(

/~\ The ASCII                           Mouse
\ / Ribbon Campaign
 X  Against HTML              mouse () rodents-montreal org
/ \ Email!         7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 30)
- Re: How to hijack 'every iPhone in the world' der Mouse (Jul 30)
- <Possible follow-ups>
- Re: How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 31)
  - Re: How to hijack 'every iPhone in the world' Dragos Ruiu (Jul 31)
- Re: How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 31)