[dawho9]

If you missed it:

iPhone flaw lets hackers take over, security firm says | CNET News.com

Not saying its the end of the world but if its true then we will see an iPhone update soon. Full disclosure is coming on August 2nd according to the web site.

dw9

[DKeithA]

Apple really needs to release an update. This is just one of a long list of issues. It's really surprising that more than three weeks have past with no fixes to all the issues that exist.

[icruise]

I don't think it's that surprising. This is the first serious issue that's cropped up. Other things are not security issues, but rather usability issues.

[dawho9]

Originally Posted by icruise 

I don't think it's that surprising. This is the first serious issue that's cropped up. Other things are not security issues, but rather usability issues.

I agree. Has there really been any other security issues. There is a long list of "features" we would like to see. But this must be the first security issue I recall.

My question is, does this affect OSX version of Safari as well?

dw9

[Earth Mk. II]

I read the preliminary report they released over lunch. This does affect Safari on Mac, but it's uncertain if it's exploitable since you don't automatically have root privileges on your desktop... or shouldn't, at least.

Really not that surprising they found a buffer overflow vulnerability in a web browser though.

[-Q-]

It always seems that a good portion of these exploits involve a 'buffer overflow' of some sort. You'd think they'd (the developers) would most certainly be aware of them by now and design their code to be immune or, at least, highly resistant to them...(says the guy who couldn't develop film, much less something as complex as a browser ).

[Earth Mk. II]

Originally Posted by -Q- 

It always seems that a good portion of these exploits involve a 'buffer overflow' of some sort. You'd think they'd (the developers) would most certainly be aware of them by now and design their code to be immune or, at least, highly resistant to them...(says the guy who couldn't develop film, much less something as complex as a browser ).

Well, a 'buffer overflow' lets you potentially overwrite the application's memory with whatever you want. Usually this just leads to the app crashing, but a malicious attacker and construct a payload that executes custom code.

Now, if everyone was really careful, and paid extra special attention, the number of bugs like this could be minimized. And, for the most part, they do.

Unfortunately, that's easier said than done when you're working with a large and complex code base. So, some slip through. That's by no means an excuse though, and the publisher has a duty to develop and distribute a fix for the vulnerability as soon as possible after it's found.

[mitchell_pgh]

I'll be interested to see how Apple responds. I think it will be a positive response should they include some added features. If it's only a security update, I feel some people will not be all that excited.

Just my 2¢

[kman42]

Originally Posted by Earth Mk. II 

This does affect Safari on Mac, but it's uncertain if it's exploitable since you don't automatically have root privileges on your desktop...

Out of curiosity, why does it matter if it runs as root or as a user? The exploit only seems to affect user data and could do the same things demoed by the researchers, such as send out address book info.

On a desktop the code couldn't affect the system or other users. The difference is that there is only one user on the iPhone. I don't think they've shown that the code can affect the system on an iPhone either. Although, since the iPhone is not a multi-user system, it doesn't really make any difference. On a desktop multi-user system the OS is concerned with maintaining the integrity of the system and of other users. Any given user can reek all sorts of havoc on their own files, but not on the system or other users.

On a single user system, a user can still cause all sorts of problems to their own files, it just seems worse since the device is only designed to have one user.

I'm not excusing or minimizing the impact on the iPhone user, just trying to point out that maybe there are other design concerns and the fact that the iPhone user runs as root isn't the biggest problem. Even if the iPhone was just running as a user, wouldn't the same exploit be possible?

I might just be misunderstanding how the exploit works and would love to here more details.

kman

[Earth Mk. II]

Originally Posted by kman42 

Out of curiosity, why does it matter if it runs as root or as a user? The exploit only seems to affect user data and could do the same things demoed by the researchers, such as send out address book info.

Well, I would agree with you, and a lot of by understanding of this vulnerability is limited by what's in the preliminary document they released, and I quickly read over lunch yesterday. For example, I'm unsure if the overflow is on the stack or heap. if it's a stack based exploit, Intel based machines wouldn't be vulnerable since both Windows and OS X honor the NX bit; and the process would be terminated with an exception, rather than allowing the malicious code to execute. To my knowledge, there is no such support on ARM-based processors. This would make the vulnerability exploitable on the iPhone, but not Intel based hosts.

As for the difference between root and user level permissions, well, in terms of personal data collection there probably isn't much difference. However, for an exploit like this to even have the possibility to modify system level resources is an unsettling concept.