Wednesday, July 16,2008 @ 4:35pm
Analyst: iPhone patching has been botched
Apple left the iPhone exposed to a serious vulnerability for months despite knowing how to fix it, a security analyst alleges. Charlie Miller of Independent Security Evaluators notes that while the iPhone 2.0 firmware has since fixed the problem, for over three months, the v1.x firmware was vulnerable to the same WebKit exploit used to hack a MacBook Air within two minutes. The feat earned him $10,000 from TippingPoint Technologies.
Miller says that although he attempted to tell Apple about the suspected iPhone vulnerability, the company complained in response as recently as two weeks ago, when he mentioned the flaw to the Washington Post. "They said I should have reported this to Apple security rather than to the Washington Post," according to Miller. "I told them 'I gave you the exploit, what else do you want me to do?'"
Apple is said to have in fact denied the seriousness of the problem in the iPhone OS, labeling it different from the one that affected Mac OS X. The company backed up its statement by saying it had run Miller's exploit without trouble, but Miller claims that Apple neglected to run a final essential line.
Miller also charges that Apple has been slow in coping with iPhone vulnerabilities as rule, given that five of the 13 security holes fixed in iPhone 2.0 were patched for Mac OS X between March and June. ""Not every single Safari bug will also be on the iPhone, but almost every WebKit bug will," he says. "If they're going to patch Mac OS X, I don't see why they can't patch the iPhone at the same time."