updated 09:35 am EDT, Thu July 2, 2009
Apple patching iPhone SMS
Apple is working to fix a critical vulnerability in the iPhone's text messaging function, says security researcher Charlie Miller. Presenting at the SyScan conference in Singapore, Miller explains that while he has agreed with Apple to avoid details -- at least until the next Black Hat USA meeting -- he can say that the vulnerability might allow a hacker to run exploits on a remote phone, using code sent through SMS. In theory an affected phone could be used to track a person's location, or listen in on ambient conversations; alternately, it could be made to participate in a botnet or a denial-of-service attack.
Because Apple knows of the vulnerability, the company is already said to be planning a patch for release later this month. Miller comments though that the iPhone OS is generally more secure than its equivalent on desktop Macs, mainly as a result of being stripped down. It omits Flash, Java and other attack vectors, and by default it can only run applications signed by Apple.
At the same time memory is hardware-protected, and apps are sandboxed, restricting the amount of damage one exploit can do. SMS has been given an unusual amount of freedom however, and by sending multiple SMS messages in binary, complete programs can be delivered. It may also be possible to gain root access to an iPhone, says Miller.