SMS Bug Leaves All iPhones Vulnerable To Hijacking
July 29, 2009
Is it possible that every single one of those millions of iPhones out in the wild are vulnerable to hijacking via a SMS bug? Two cybersecurity researchers would answer that question with a resounding "yes."
According to an article from Forbes, cybersecurity experts Charlie Miller and Collin Mulliner will be speaking at the Black Hat security conference in Las Vegas where they intend to reveal a bug that they have found in the iPhone's way of handling SMS that exposes the device to remote control through the bug, including its camera, dialer, and Safari. The worst part is that it is also able to send mass text messages to further propagate the hijacking. No matter the hardware or software revision, every single iPhone is vulnerable.
Miller and Mulliner have fully disclosed how the attack works:
The attack developed by Miller and Mulliner works by exploiting a missing safeguard in the phones' text messaging software that prevents code in the messages' text from overflowing into other parts of the device's memory where it can run as an executable program. The two researchers plan to demonstrate how a series of 512 SMS messages can exploit the bug, with only one of those messages actually appearing on the phone, showing a small square. (Someone could easily design the attack to show a different message or without any visible messages, Miller cautions.) The entire process of infecting an iPhone and then using the device to infect another phone on the user's contact list would take only a few minutes, Miller says.The only way to keep your iPhone from being hijacked is by shutting it off.
"This is serious. The only thing you can do to prevent it is turn off your phone," Miller told Forbes. "Someone could pretty quickly take over every iPhone in the world with this."Both experts have notified Apple of the bug about a month ago, but Apple has continuously ignored their warnings. Being that it is Apple they are dealing with, it is possible they have been working on a solution, but we won't know until one is released. Not so surprisingly, Apple isn't the only one that can be affected by the bug. Google's Android in its current form is vulnerable to a similar bug that is able to knock a user offline for 10-seconds, while Windows Mobile devices are affected in the same way as Apple's. Are you concerned about this bug, or do you think that Apple will release a fix in a timely manner, effectively making this news completely irrelevant? I am truly hoping for the latter.