Hackers expose iPhone threats, secrets
updated 11:10 am EDT, Fri July 6, 2007
Hackers expose iPhone
Although the iPhone has only been available for a week, some groups have already managed to expose potentially serious vulnerabilities, reports say. The consulting company Errata Security notes that the version of Safari on the phone is succeptible to a buffer overflow attack, which could allow a remote user to take control and run code. A similar bug was discovered in the desktop Safari earlier this month, but a potential exploit for the iPhone would call 1-900 numbers until the malware reponsible was somehow stopped or removed.
Errata has also discovered that by exposing the Bluetooth receiver to a "fuzzer" -- a stream of random data -- it is possible to cause the whole phone to lock up. This can be undone by manually rebooting the device.
Further efforts, this time by members of the Hackint0sh user forum, have revealed passwords used to gain access to key components. Applications require the word "dottie" to gain root access, while gaining mobile access can be done with "alpine." These were discovered by running the popular John the Ripper cracking program.
The passwords are not immediately useful however, as people have not actually managed root access. "As of yet," comments security researcher Kevin Finisterre, "those passwords do not have a specific use, but that's not to say that within the next 20 minutes somebody finds a service on port 123 and we can log into it."
Finisterre does believe though that it is just a matter of time before a root hack is discovered, and that elements such as DRM guards may be overcome as well. "I don't think enough researchers like myself have the iPhone in their hands," he says. "Once folks like us get a hold of the thing, I think you're going to see quite a bit of stuff go on."



Fresh-Faced Recruit
Joined: Jul 2004
Crash code
I never understood the reason a hacker would go through all the trouble of breaking into my iPhone just to make me reboot it. Likewise the 'huge security threat' imposed by someone being able to crash my browser. I have found ways to timeout or lockup a browser, but see no reason why anyone would want to do so.
Being able to make 1-900 calls on my iPhone would be an issue, I wonder if I can block 1-900 services from my AT & T account. I have never called a 1-900 number and never will so I have no problem doing so.