As part of the Pwn2Own 2010 hacking contest, Vincenzo Iozzo and Ralf Philipp Weinmann created an exploit which allows them to hijack fully-patched iPhones’ SMS databases—right down to deleted messages—simply by luring users to a “rigged” website.

Aside from hijacking entire SMS databases in about 20 seconds, the exploit could potentially also be used to “exfiltrated the phone contact list, photographs and iTunes music files.” All that by simply having a user visit a specific website and Read the full story

Popularity: 1% [?]

Charlie Miller, also known by some in the security community as “Safari Charlie” for his Safari exploits at the Pwn2Own hacking contest, has announced that he and Vincenzo Lozzo, a student at the University of Milan, have recently discovered a new exploit to trick the iPhone into running unsigned code, and will be revealing their findings at the Black Hat Security Conference in Las Vegas.

“The iPhone has lots of defenses,” Miller told Ars Technica, “including application sandboxes, memory protections, and lack of a shell.” The “memory protections” differentiate between data and code, and prevent areas marked as data from being executed as code. Read the full story

Popularity: 1% [?]

A developer claims to have found a new exploit in the iPhone that may let App Store developers sneak dangerous code into their apps. With Apple-developed apps, an image called ‘Default.png’ is displayed while the app is launching, and can do anything from show the current date or display the contents of the app before it’s finished loading. App Store devs are limited to static ‘Default.png’ images, but dev Patrick Collison has found a way around this. Read the full story

Popularity: 3% [?]

Yet another security flaw in the iPhone’s software had been found, and while it’s probably not particularly harmful to the majority of users, it is pretty interesting. Karl Kraft posted the exploit on his blog, but he wasn’t the one to uncover it. No, despite his skills with a computer and knowledge of the software, he didn’t find it. Instead he says it was found by his 12-year-old son.

The flaw is fairly basic. When the iPhone is locked using a passcode in emergency call only mode and with text message previews disabled, the iPhone will still show incoming text messages.

In these circumstances the iPhone should just show a “New Text Message” preview window, but instead it shows as much of the message as will fit in the preview window and the name or number of the sender.
Read the full story

Popularity: 2% [?]