toggle

AAPL Stock: 476.68 ( + 7.85 )

Details of iPhone TIFF exploit posted

updated 05:50 pm EDT, Wed October 17, 2007

iPhone TIFF exploit detail


The details of a TIFF rendering security exploit for the iPhone -- which has been used to unlock the device and "jailbreak" it so that the filesystem can be read and written to -- have been published by hacker HD Moore, along with a revised, more robust version of the exploit. The vulnerability affects the iPhone's Safari browser, its e-mail program, as well as by the iTunes software and can be sent via e-mail or embedded in a Web page. It works on OS's 1.0, 1.0.1, 1.0.2 and 1.1.1. Moore told Computerworld that Apple has to leave a way to restore an iPhone back to previous versions of the firmware, which means that the bug will always be exploitable on the devices even if Apple patches it in future releases.

Moore said "I think the iPhone is pretty terrible," he said, referring to its level of security. "It's an easy platform to exploit." He said that's because exploiting any iPhone application gives root access to the entire phone. Moore also predicted that actual malicious code exploiting the TIFF vulnerability would be on the loose "pretty soon."

There are currently three different methods for hacking into the iPhone 1.1.1 filesystem are circulating on the Web, including the one mentioned above, which takes advantage of the TIFF exploit security bug. The most promising method to appears to be a publicly method of downgrading the firmware to v1.02, applying some modifications to the file system and then upgrading the firmware back to v1.1.1, thereby allowing users to run an application like AppTapp to install third-party applications.

Apple could simply (and likely will) patch the TIFF security flaw in the next update to easily disable this method; however, hackers could downgrade the firmware to re-enable the exploit.


"All they'll need to do is back port the firmware to an earlier version that's vulnerable," Moore told ComputerWorld. "Apple has to leave a way to restore an iPhone back [to previous versions of the firmware]."


by MacNN Staff

(5)

TAGS :

 Apple
toggle

Comments

  1. ZinkDifferent

    Fresh-Faced Recruit

    Joined: Jan 2005

    -2

    "Has to...?"

    I very much doubt that Apple "HAS TO" leave a way to downgrade. They need an access point to upgrade, and considering that they are moving to a model of signed and encrypted software, it looks to me like any such exploits will be plugged soon, after leopard ships.

    Buh-Bye, hack-boys!

  1. thinkman

    Fresh-Faced Recruit

    Joined: Jan 2005

    0

    Epidemic

    One would think that "hacking" electronic devices is an epidemic by the number of articles on it. The only "service" they provide is to keep good companies on their toes. However, if it weren't for hackers, these companies likely wouldn't have to be on the alert all the time.

    As for the comment regarding downgrading, virtually every piece of the OS that is not root-level, is downgradable.

  1. chr1sl0ng

    Fresh-Faced Recruit

    Joined: Oct 2003

    -1

    downgrade the firmware

    That's like saying I could "downgrade to 10.0.0" to make my Mac more vulnerable to some random exploit that has since been patched. Of course I could, but I would lose functionality. Moreover, I could "downgrade to running Windows XP." Hey, while we're at it, let's build a new Linux distro for iPhone... I probably could, but I'm not going to. Give me a break!

  1. tomodachi

    Fresh-Faced Recruit

    Joined: Apr 2002

    0

    not an oxymoron, but

    "more robust version of the exploit."

    there's something deeply wrong about this phrase...

  1. randombob

    Fresh-Faced Recruit

    Joined: Jun 2007

    0

    fUD tactics

    Of course they have to have a way to downgrade/modify the firmware/software, but that doesn't mean that it's an actual exploit! Once 1.1.2 comes out and patches the flaw, it's no longer an exploit UNLESS they can remotely grab your iphone, load it up with the OLD firmware and downgrade the thing, all so they can run THIS exploit.

    Like Chr1s was saying..

    It's like saying that they found a vulerability in 10.1 that has since been fixed, yet still claiming that all mac users are vulerable, because we could *potentially* run/install that OS instead of the one we're currently using.

    By that line of logic, all intel Mac users are vulnerable to all Window viruses, because they could instead hack the mac and run windows instead of Tiger/Leopard.

    This is headline grabbing, nothing more.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

10 Most Read

Recent Reviews

Logitech Cube

The world of mice could often be described charitably as stagnant: it's an endless sea of ergonomic shapes that assume you're sitting ...

NewerTech and Targus USB Hubs For Gifts

A useful holiday present to resolve an ongoing frustration is a multi-port hub. Whether as a stocking stuffer, Chanukah present, or an ...

X-Rite ColorMunki Photo

Color calibration is the art of tweaking your monitor so that the colors represented on screen better match real life and your printer ...

toggle

Most Commented

10 Most Discussed