AAPL Stock: 117.4 ( -0.9 )

Printed from

Apple working to patch iPhone SMS vulnerability

updated 09:35 am EDT, Thu July 2, 2009

Apple patching iPhone SMS

Apple is working to fix a critical vulnerability in the iPhone's text messaging function, says security researcher Charlie Miller. Presenting at the SyScan conference in Singapore, Miller explains that while he has agreed with Apple to avoid details -- at least until the next Black Hat USA meeting -- he can say that the vulnerability might allow a hacker to run exploits on a remote phone, using code sent through SMS. In theory an affected phone could be used to track a person's location, or listen in on ambient conversations; alternately, it could be made to participate in a botnet or a denial-of-service attack.

Because Apple knows of the vulnerability, the company is already said to be planning a patch for release later this month. Miller comments though that the iPhone OS is generally more secure than its equivalent on desktop Macs, mainly as a result of being stripped down. It omits Flash, Java and other attack vectors, and by default it can only run applications signed by Apple.

At the same time memory is hardware-protected, and apps are sandboxed, restricting the amount of damage one exploit can do. SMS has been given an unusual amount of freedom however, and by sending multiple SMS messages in binary, complete programs can be delivered. It may also be possible to gain root access to an iPhone, says Miller.

by MacNN Staff




    Comment buried. Show
  1. ERG

    Joined: Dec 1969



    I wonder if does someone here checks what is published..
    SMS are only TEXT MESSAGES, no attachments or binaries can be included, only text..
    So the only vulnerability I can send/receive is the form of URL I can click and launch Safari with the same consequencies of going to an untrusted site..

  1. jondesu

    Joined: Dec 1969


    SMS binary

    I believe it's fairly obvious that what they're saying is that the SMS is sent in binary, not that a binary (a not-quite-accurate term Windowz people use to refer to an application) would be attached to it. It's certainly possible, otherwise it wouldn't be a problem worth Apple trying to fix it.

  1. testudo

    Joined: Dec 1969


    Re: bullshits

    Um, that's why it is called an 'exploit'.

    Most exploits are by 'specifically constructing' a URL or other data so as to 'exploit' the problem (usually a buffer overflow) that would cause the content to be written into an executable block of code. No one sends EXEs anymore to break into systems. That's so 1990s.

  1. ERG

    Joined: Dec 1969


    SMS binaries or EXE

    I wonder if you all know what travel through the waves when you send an SMS at least in Europe..(jondesu, you're an a****** with your first post... Whoever you're since by looking at your previous posts here I get a "Sorry - no matches. Please try some different terms.") (Testudo, I really appreciate your technical comment!) you can only send TEXT in ASCII, and the software to recognize what travels only rebuilds that TEXT!This happens on every cellphone: this is is called standard! just like how email messages are to be constructed to be recognized by every mail-reading system..

  1. ERG

    Joined: Dec 1969


    never had so many...

    negatives evaluations..
    Probably my fault is in having said Testudo' comments are not the way the people here is painting them..
    But the main comment in my mind is for that f****** a****** JONDESU (never made a comment/thread before)..
    I used this kind of terms just to see if someone at mcnn read what it's published or they just want to make BULLSHITS

  1. ERG

    Joined: Dec 1969


    to whoever care about the

    I finally got time to get updated on the claimed assertions by Mr. Miller (derived by a look at a crashlog!)

    Technically would be possible to send someone a "binary SMS" and here's detailed how (including how-to instructions):

    Try by yourself to do that to an iPhone and you'll find that:
    1) iPhone OS doesn't support J2ME (Java 2 Micro Edition), one of the requisites
    2) you should've been able to send that SMS to a particular port and that's not possible on almost every country: you hand the SMS to the carrier and they take care of delivering it through their architecture...

  1. ERG

    Joined: Dec 1969


    more details here

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented