Security Vulnerabilities highlighted by hackers targeting the iPhone

Source: Internet
Author: User
Tags root access

Apple's iPhone is officially available at, September 10, June 29. To buy it, some Americans even waited in a queue for "camping. As soon as the iPhone was sold, it was targeted by security personnel (including hackers, of course). In less than 72 hours of its release, security personnel reported that, they have discovered at least one vulnerability that can be attacked and gain partial control permissions. At the same time, some hackers claimed they had discovered a password hidden in Apple software that could gain root privileges.

Errata Security reports that the most serious iPhone error exists in the iPhone's Safari browser. Errata CEO Robert Graham said: "The buffer overflow vulnerability in the iPhone Safari browser allows attackers to fully control the iPhone and run any code on the iPhone. Taking into account the ancient attack methods, hackers can use computers that intrude into the system to call toll-based phones and make profits from them, hackers who have successfully exploited the iPhone vulnerability can also use the controlled iPhone to make a profit by dialing "900 phones."

Errata Security also announced a vulnerability in the iPhone Bluetooth function. By using fuzzer to test the vulnerability, it is found that attackers can easily use conventional methods to completely lock the iPhone.

At present, Apple representatives have not responded to questions about iPhone security.

Since the release of the iPhone last Friday, hackers have been scrambling to discover security vulnerabilities in the iPhone or try to perform operations that are not allowed by designers on the iPhone. Researchers are currently trying to unlock the iPhone so that it can be used on networks outside AT&T, or run Linux on the iPhone, the researchers said they have been making progress.

IPhone researchers even built a Wiki on the Internet about iPhone security to share their findings on the iPhone, such as how to unlock the iPhone and enable it to run third-party software.

So far, a relatively successful example is that a hacker has discovered the password required for the root access to the application on the iPhone, one of which is "dottie" (remove the quotation marks ), the other password "alpine" (remove the quotation marks ).

Kevin Finisterre, a researcher at a neutral institution, said that although no one has been fully granted the root permission to access the iPhone, he thinks this is only a matter of time. At the same time, Finisterre said: "Not many people buy an iPhone just like me, and not everyone will be willing to spend $500 to buy the iPhone. However, once the iPhone is popularized, I believe there will be more novel things about the iPhone ."

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.