Via a simple SMS, the iPhone can be hacked, according to Cjarlie Miller. Miller is a well-known securityspecialist and author of the Mac Hacker’s Handbook. Via the SMS vulnerability you’ll get access to the root of the iPhone. The SMS leak will give the attacker the possiblity to activate certain code via an SMS-message sent to you, Miller mentioned on the SyScan exchange.
The code can for example, track the location of the phone, turn-on the microphone or totally block it. By sending several SMS-messages written in binary code, an entire program can be send. This program then can get access to the root of the iPhone, causing lots of trouble.
Such leaks in applications are not that bad, because the applications run in their own sandbox. Imagine such a sandbox as an island where all bridges to the shore are up and not accessible.
Apple’s working on a patch for the SMS vulnerability. That patch is expected to be ready at the end of this month. After the patch is released, Miller will describe further details about the leak on the Black Hat conference in Las Vegas.
There’s also a positive side to all this. Miller tells that the version of OS X for the iPhone is still safer than the entire OS X for desktops and laptops. That’s because applications like Java and Flash are not available on the iPhone OS.
Apple werkt aan een patch voor de SMS kwetsbaarheid. Deze verwachten ze aan het eind van deze maand klaar te hebben. Zodra deze patch uitgegeven is zal Miller verdere details over het lek beschrijven in een presentatie op de Black Hat-conferentie in Las Vegas.
“The iPhone is more secure than OS X, but SMS could be a critical vulnerability,” says Miller.