36
Views
company Apple working working to eliminate the iPhone vulnerability that allows attackers to remotely install and run a forbidden code with full access to your phone.
Such invasions are designed for use in their work for lack of features iPhone text messages. About it said a specialist in the field of computer security Charlie Miller (Charlie Miller), in his presentation on SyScan hacker conference in Singapore. He was not told the details about the SMS vulnerability iPhone, citing a confidentiality agreement with Apple.
Mr. Miller is a specialist on the MacOS X operating system security, and co-author of the book "Handbook of a hacker."
SMS vulnerability allows an attacker to launch iPhone in the phone code, which is sent to them with the use of the mobile operator. This code allows you to use the iPhone team determining the user's location via GPS, to include the phone's microphone to eavesdrop on conversations purpose or use iPhone in Distributed Denial of Service DDoS and botnets.
Apple employees working on a resolution to this problem. And it is expected that the vulnerability will be eliminated at the end of this month - before Miller tells of her detail during a scheduled speech at another hacker conference - Black Hat USA - in Las Vegas.
If you do not take into account the SMS vulnerability of iPhone, in itself a simplified version of MacOS X, which is used in Apple's smartphones, making them more secure than PCs running the full version of this operating system. So says Mr. Miller.
A shortened version of MacOS X provides less chance of attackers. It has no applications and features such as support functions Adobe Flash and Java, which could also be used by hackers. Plus, the iPhone's built-in protection for data stored in memory. Phone is designed to work only on the basis of the code with a digital Apple signature.
IPhone apps must also run in the sandbox application. This protective feature isolates them from other applications and limits their access to other functions of the smartphone. However, it is text messages allow an attacker to gain better access to the functions of the iPhone, according to Miller. "Sms - is a great way to break into these phones," - he said.
Used primarily to exchange short text messages, SMS capable of transmitting binary iPhone phone. And then this code can already be processed without the owner's smartphone. Each SMS message is limited in size to 140 bytes, but longer sequences are split into multiple messages and then automatically re-assembled into one. The result is that, thanks to this feature and more impressive programs can be transferred to your phone, as Mr. Miller reassures.
In addition to all iPhone SMS vulnerability gives an attacker full access to your phone. It does not apply to its other applications - for example, web browser, where a weak spot opens an attacker can only access the sandbox of the application.
Miller asserts: «iPhone is more secure than OS X, but its SMS vulnerability could be crucial."
Subscribe
YOU MIGHT ALSO LIKE
