Posted by Calvin in Mobile, Security, Tech News | 0 Comments
iPhone hacked via Safari mobile
In this year’s CanSecWest Pwn2Own hacking contest, Vincenzo Iozzo and Ralf Philipp Weinmann showed how they were able to hack into an iPhone and grab the entire SMS database including messages that were already deleted. They said that with their exploit, they can also get the phone’s contact list, e-mail database, photographs and even the music files.
Weinmann explained that when a user visits a page from their site, it will grab the SMS database and upload it to their server. What’s bad (or good however you want to see it) about this exploit is that even if it is only restricted to the iPhone sandbox, it can still do a lot of damage.
How did they do it? Obviously they won’t share but they won a $15,000 cash price for turning over their hack. iPhone users (and maybe even iPod Touch) should expect a patch in the near future.
Safari isn’t as secure as we thought as Charlie Miller once again hacked into a Macbook via its browser.
[via ZDnet]
Related posts:
- iPhone 2.0 Jailbreak: The Race to Unlock the iPhone 3G
- ChinaKing’s iPhone Clone is a Mobile Projector
- iPhone 3G spotted at Greenhills
- Globe Telecom confirms iPhone 3G in the Philippines
- iPhone OS 2.2 Released, Lets You Turn Off Auto Correction in Keyboard Settings
