AAPL Stock: 524.94 ( + 5.93 )

Printed from

IBM: iPhone hype to test handset security

updated 11:40 am EDT, Fri June 22, 2007

IBM on iPhone security

Apple's highly anticipated iPhone -- which recently garnered more than one million enquiries via AT&T's website -- may well attract the attention of malicious users looking to breach the handset's security measures. With so much attention and hype built up around the $499/$599 gadget, experienced crackers are likely to try their hand at attacking the mobile phone, according to IBM. "We've been following it since it was announced," said Neel Mehta, the team lead of advance research group at Internet Security Systems -- IBM's security division -- in an interview with InformationWeek. "It's going to be challenging for the bad guys to exploit them like they do other [smart phones] but there will be a lot of individuals willing to try because of the amount of buzz around it... We've seen some very determined attacks on other mobile phone platforms, like the Symbian platform. A lot of these attacks are going to be very hard to launch against the iPhone."

by MacNN Staff





  1. wings_rfs

    Joined: Dec 1969


    Hard 2 Attack, Like a Mac

    "A lot of these attacks are going to be very hard to launch against the iPhone."

    You don't suppose that OSX has anything to do with that, do ya?

  1. MhzDoesMatter

    Joined: Dec 1969



    Or maybe Apple's "Mine" mentality that won't allow much of anything to run on it. The only real known avenue of attack right now is safari.

  1. testudo

    Joined: Dec 1969


    OS X

    No, its not because OS X runs on it. If it were, then Apple couldn't possibly argue that the reason not to allow 3rd party apps at this time is because of security reasons.

    mhzdoesmatter nailed the actual reason.

  1. stainless

    Joined: Dec 1969


    True be told...

    Hacking at the iphone is just like hacking at any other mobile... Let me outline this for you folks:

    1) If it makes a WiFi connection, oops I can slip in arbitrary code in the packets. 2) Downloading of email, it displays PDF inline, more code in the PDF to all me to attack. 3) ANY connection between Safari and any other application and from the sounds of it (dial direct from Safari, Steve taunted) I can make a phone number link with malicious code embedded in the URL. 4) Same as above, but with the Google Mapping application. 5) If "apps" (yes even web 2.0 apps) are downloaded and installed then that tells me that I could in theory install a malware program that forces Safari to goto X URL upon opening or other action.

    I could easily go on and being that they limited (requested limited) Safari to around 10Mb on downloads, that tells me that one can crash Safari. Now, if Safari crashes do you have to restart the phone or Safari? And I haven't even got into the hardcore hacking at OS level via Bluetooth, GSM data packets, etc.

    Boy, I have to admit I am getting excited on getting mine and hacking at it!!!

    Worry Some - Secure ALOT! Stainless

  1. chadpengar

    Joined: Dec 1969


    safari runs in sandbox

    Safari runs in a sandbox so cracking safari won't necessarily give you access to the phone. We'll see when exploits appear, if they do.

  1. rjwill246

    Joined: Dec 1969


    Yipes!! testudo is at i

    Mate, you have been wrong so often, why not give up and let IBM's experts do the talking? They just might have a clue!

  1. zac4mac

    Joined: Dec 1969



    First - thank you, testudo, for a good post, they're rare. @stainless - I've had Safari crash on my iPhone(8GB) several times and it never requires a restart of the phone, you just wind up back at the home screen and restart Safari, hit history and go back where you were. Oh rjwill246, IBM has a clue???(can you say 3GHz G5?) next you'll try to tell me that Motorola knew what was good for Apple in the late 90s and early years of the New Millenium... Z

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular

MacNN Sponsor

Recent Reviews

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Ooma Office small business VoIP

Voice over IP (VoIP) services have been around for a very long time. Only recently has the implementation become a bit more robust, al ...


Most Commented