updated 06:10 pm EST, Mon November 3, 2008
iPhone crash bug spotted
Piergiorgio Zambrini -- creator of the iPhone jailbreaking tool Ziphone -- claims to have found a bug that can crash the phone along with a variety of other Apple devices, according to Forbes. The bug exists in the audio portion of Apple's video format, and can be exploited to crash the system when attempting to play a video file containing malicious code. The vulnerable code library is common to Apple operating systems and several Linux systems.
Forbes has confirmed the effect on the iPhone 3G, while Zambrini claims that any iPod or earlier-generation iPhone will also succumb to the bug. "I'm actually surprised that it's crashing the device rather then crashing the web browser, because that means he's got a kernel vulnerability in the iPhone," says Cameron Hotchkies, an engineer and Apple expert for TippingPoint.
Zambrini could attempt to profit from his discovery if Apple or other company is willing to pay for the information. "If he wanted to cash in on it he could always try taking it to us or one of the other exploit-purchasing companies," says Hotchkies. The systems engineer could also allegedly be looking for employment with Apple, although he may not be on a list of favored individuals. He has in the past applied for an iPhone security engineer position, but has not received a response.
Zambrini says he is researching the extent of the security flaw to find out if the bug could be used by malware to inject arbitrary code. So far he has not found a way to exploit the flaw at a higher level. "We can't say it's not possible, this thing needs to be studied a little deeper," he notes.