A Single Text Message Can Cripple Your iPhone

Status
Not open for further replies.

omnimodis78

Distinguished
Oct 7, 2008
326
0
18,940
I'm confused - so he doesn't have a working exploit for it but he suspects there's a suspicious looking crash? LOL Now that's really scientific!
 
G

Guest

Guest
What they have managed to do, is to prove that the SMS service on an iPhone most likely have root access. They build this prof on the fact that code sent through an SMS has crashed their iPhone without the users involvement.
The reason they're coming out with their warning is because they fear someone could use this exploit for worse things than just an annoying crash, such as installing software for surveillance(location, video and voice access) or the buildup of a botnet using iPhones.

As for Apple I expect they will say it's unlikely someone will use the exploit and won't fix it until after the first real attack is documented, instead of now when they got the warning.
 

brendano257

Distinguished
Apr 18, 2008
341
0
18,930
[citation][nom]omnimodis78[/nom]I'm confused - so he doesn't have a working exploit for it but he suspects there's a suspicious looking crash? LOL Now that's really scientific![/citation]

He can code a txt message to crash the iPhone, but he can't use any other code he knows of to make...lets say a botnet of iPhones, or how to tap in to your microphone or camera to see what your doing. He can crash it, but not use it to his advantage is what it says.
 

cal8949

Distinguished
Jul 9, 2007
15
0
18,560
thanks for telling me. now i can work on that code to bring down all iphones.

if you have a security problem you probably should tell the whole world were the week spot is. it would be like me telling you - yeah this house is all secure and locked up no one can get in.... except the window over there if you go through that you can steal my stereo
 

Kami3k

Distinguished
Jan 17, 2008
575
0
18,930
[citation][nom]cal8949[/nom]thanks for telling me. now i can work on that code to bring down all iphones.if you have a security problem you probably should tell the whole world were the week spot is. it would be like me telling you - yeah this house is all secure and locked up no one can get in.... except the window over there if you go through that you can steal my stereo[/citation]

except that unlike you, Apple can be sued.
 

hacker91

Distinguished
Aug 13, 2006
2
0
18,510
The media creates more problems then they report. Telling would-be hackers of a security flaw is just asking for them to make the hack that DOES access the areas of the phone the security guy couldnt.
 

Harby

Distinguished
Dec 11, 2008
33
0
18,580
[citation][nom]omnimodis78[/nom]I'm confused - so he doesn't have a working exploit for it but he suspects there's a suspicious looking crash? LOL Now that's really scientific![/citation]

Your reading comprehension is most excellent, NOT.
 

DXRick

Distinguished
Jun 9, 2006
117
0
18,640
This has to be easy to fix or prevent.

Fix: the service provider can edit text messages for non-text characters (a-z, 0-9, and special characters like !#&*$%). Obviously, anyone sending a message with code in it is up to something.

Prevent: Can't the user control who sends them text messages? Otherwise you would get endlessly spammed.
 

Sicundercover

Distinguished
Dec 2, 2007
125
0
18,630
[citation][nom]hacker91[/nom]The media creates more problems then they report. Telling would-be hackers of a security flaw is just asking for them to make the hack that DOES access the areas of the phone the security guy couldnt.[/citation]

Its because Apple is notorious for holes in their security until its exposed to the world. If you dont expose they go on lying and saying they are completely secure which they are not.

Hence the past 2 years in a row at Own 2 Pwn.
 

Sicundercover

Distinguished
Dec 2, 2007
125
0
18,630
"
Its because Apple is notorious for holes in their security until its exposed to the world"

Edit:

What I ment to say is, "Its because Apple is notorious for NOT FIXING holes".
 
G

Guest

Guest
BS, I don't believe any of this. They just want to force people to patch the phone. Root access through an SMS? LOL
 

cabose369

Distinguished
Aug 18, 2006
56
0
18,580
I need to find out how I can do this so I can send one to my friend who is so in love with his Iphone he can't accept the fact that there are a lot of flaws with it and thinks this is all media BS. That'll teach em!!
 

NYCGPS

Distinguished
Dec 3, 2008
12
0
18,560
[citation][nom]cabose369[/nom]I need to find out how I can do this so I can send one to my friend who is so in love with his Iphone he can't accept the fact that there are a lot of flaws with it and thinks this is all media BS. That'll teach em!![/citation]

its VERY easy to do.

rofl. I just crashed a few of my friends with it. they were like "WTF HAPPENED?"

I was like

Happy July 4th Bitches ! LOL !
 

squatchman

Distinguished
Oct 31, 2008
40
0
18,580
Even if the exploit to cause the crash doesn't exist yet, it's only a matter of time.

Security through obscurity is no security at all and we should be glad that people like this are looking for the tricks they can find.
 
Status
Not open for further replies.