 |
 |
New iPhone Security Exploit Reported (June '09)
|
|
|
|
|
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status:
Offline
|
|
Slashdot IT Story | Hackers Find Remote iPhone Crack
"Two researchers have found a way to run unauthorized code on an iPhone remotely. This is different than 'jailbreaking,' which requires physical access to the device. Normally applications have to be signed cryptographically by Apple in order to run. But Charles Miller of Independent Security Evaluators and Vincenzo Iozzo from the University of Milan found more than one instance in which Apple failed to prevent unauthorized data from executing. This means that a program can be loaded into memory as a non-executable block of data, after which the attacker can essentially flip a programmatic switch and make the data executable. The trick is significant, say Miller and Iozzo, because it provides a way to do something on a device after making use of a remote exploit. Details will be presented next month at the Black Hat Conference in Las Vegas."
The attack was developed on version 2.0 of the iPhone software, and the researchers don't know if it will work when 3.0 is released.
Off-topic: I may be the only one, but I liked the new, oversized, high-rez Slashdot buttons. The old ones returned recently. I'd like to get the new ones back.
|
"The natural progress of things is for liberty to yield and government to gain ground." TJ
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Jan 2002
Location: London, UK
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top
