AOH :: ISNQ4837.HTM

Hacked iPhone No Longer Just a Theory: Demo Turns iPhone into Spy Device




Hacked iPhone No Longer Just a Theory: Demo Turns iPhone into Spy Device
Hacked iPhone No Longer Just a Theory: Demo Turns iPhone into Spy Device



http://blog.wired.com/27bstroke6/2007/11/hacked-iphone-n.html 

By Kim Zetter 
Wired.com
November 16, 2007

Readers of Threat Level will recall a little bit of flack that I and 
Wired received recently for writing a couple of stories about problems 
with the iPhone's security.

As we pointed out here and here, security researchers took issue with 
the design of the iPhone, because the phone has all programs running as 
root and requires no authentication to install applications. The theory 
is that if any program has a vulnerability -- similar to one that was 
already discovered in a library used by the iPhone's browser and e-mail 
programs -- then a hacker could exploit the vulnerability by remotely 
installing malicious code that takes over the phone. One possible attack 
I mentioned was to turn the phone into a bugging device.

Security researcher Rik Farrow told me that Apple could easily have 
designed the phone to make this harder to do but likely didn't do so 
because it would have taken more time and delayed the product launch.

Blogger Daniel Dilger used one of the stories as an opportunity to 
attack me personally as well as another expert I interviewed, saying 
that I and the researcher didn't know what we were talking about. He 
also erroneously reported that I'd interviewed only one source for my 
research -- but that's beside the point.

Well Fast Company asked Farrow to try to take over an iPhone using a 
tool developed by H.D. Moore, the author of the Metasploit tool -- who 
is also one of the researchers I interviewed for my stories. The result 
can be seen in a video that Farrow made showing his attack. (See the 
video after the jump.)

[...]


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/ 

Site design & layout copyright © 1986-2014 CodeGods