"July 29, 2009
Your iPhone: Soon to be iPwned?
If you own a smartphone, chances are you've got a lot of important information stored on it. The typical handheld computer contains data ranging from e-mail to contact information to passwords to credit card numbers.
What if all that information could be accessed by cyberscum merely by receiving a tainted text message? According to security researcher Charlie Miller, there's no "what if" about it. If you've got an iPhone, it can happen, and on Thursday he promises to prove it to you.
In an article on Forbes' Web site, Miller claims that a flaw in Apple's popular handheld could allow "every iPhone in the world" to be hijacked:
If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly.
That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner plan to publicize Thursday at the Black Hat cybersecurity conference in Las Vegas. Using a flaw they've found in the iPhone's handling of text messages, the researchers say they'll demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone's functions. That includes dialing the phone, visiting Web sites, turning on the device's camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.
"This is serious. The only thing you can do to prevent it is turn off your phone," Miller told Forbes. "Someone could pretty quickly take over every iPhone in the world with this."
Miller says he told Apple about the vulnerability more than a month ago, but the company has yet to issue a patch. In 2007, he discovered you could gain remote control over an iPhone by tricking a user into downloading software from an infected Web site via Mobile Safari, but Apple issued a patch before Miller demonstrated that exploit publicly.
And you Windows Mobile and Android users can wipe those smug looks off your faces, because Miller's got some surprises for you, too.
The iPhone SMS bug is just one of a series that the researchers plan to reveal in their talk. They say they've also found a similar texting bug in Windows Mobile that allows complete remote control of Microsoft-based devices. Another pair of SMS bugs in the iPhone and Google's Android phones would purportedly allow a hacker to knock a phone off its wireless network for about 10 seconds with a series of text messages. The trick could be repeated again and again to keep the user offline, Miller says. Though Google has patched the Android flaw, this second iPhone bug also remains unpatched, he adds.
OK, so the Android bug is patched. You T-Mobile G1 guys can smirk all you like. And that's fine, because most of you do, anyway. It's kind of annoying.
At any rate, if Miller's revelation is real, this is not good news - particularly since, at this writing, Apple's not patched the SMS bug, even though the company has known about it for some time. But then, Apple often is slow to patch flaws in both the iPhone and Mac OS X.
If Apple doesn't get a fix out the door quickly, iPhone users need to be vigilant. I certainly don't want my iPhone to become iPwned."