Commentary
iPhone Is A Bigger Security Risk Than You Think
Just when it looked like the iPhone might make headway with the business market, a security expert shows just how vulnerable the iPhone really is to hackers.Just when it looked like the iPhone might make headway with the business market, a security expert shows just how vulnerable the iPhone really is to hackers.Here is a video with security expert Rik Farrow showing how one might hack an iPhone:
More Mobility Insights
White Papers
- The BlackBerry PlayBook tablet's Good Bones - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
Reports
- Mobility’s Next Challenge: 8 Steps to a Secure Environment
- Time to Move: How to Ensure 'Mobility' Translates to 'Agility'
Webcasts
- Maximize ROI with Database Consolidation onto Private Clouds
- The ABC's of Cloud Computing in the Midmarket
The full article from Fast Company is pretty scary. Here is a look at the findings:
As a result, there are a number of ways to exploit the iPhone's defenses. If you know your target's phone number, you could text message a link to a malicious Website, which would covertly install a third-party application executing malicious code. The corollary would be to send your target an e-mail with a nefarious attachment; he clicks on it and the attacker "owns" the phone. Or there's always the "man-in-the-middle" (MITM) attack, which is perhaps the most James Bondian: You sit in, say, Starbucks with a laptop set up, as part of the ruse, to operate as a Wi-Fi access point, so a target's Web browsing and e-mail pass through your computer first. (How can you tell who has an iPhone as opposed to someone with a standard laptop, rival smartphone, or PDA? Simple -- the exploit only works on iPhones.) "This method would allow exploitation of any application that downloads images from the Internet," Moore says. "This covers standard Web-browsing using Safari, but also includes the iTunes Music Store, the YouTube video browser, and the Google Maps application."
Now, before you go and lock your iPhone in a vault lined with tin foil let me point this out:
"Taking over a PC allows you to install spam distribution servers that shoot out ads," says Daniel Eran Dilger, a San Francisco-based technical consultant and contributing editor to AppleInsider. "There's no real business model behind the kind of spy surveillance imagined by many writers." And Apple (which declined to comment), in its latest patch, inoculated the iPhone against the Metasploit that Farrow used. But in the cat-and-mouse game that hackers and companies like Apple play, you can be sure someone somewhere is hatching up new schemes to hack the iPhone. Perhaps they already have.
What do you think? Are iPhones vulnerable to Metasploit and other hacks? Will we see lots of iPhone users hacked in the next few weeks and months? Or is this just more gloom and doom from security experts?
Related Reading
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
|
T-Shirt Giveaway: Each week we're selecting one great comment from our readers. The author of the comment will receive an InformaitonWeek Community t-shirt. So get posting! |
Subscribe to RSSResource Links
This Week's Issue
Technology Whitepapers
- Mobile BI: Actionable Intelligence for the Agile Enterprise
- Creating the Enterprise-Class Tablet Environment - by Yankee Group
- The BlackBerry PlayBook tablet's Good Bones - by BlackBerry
- Red Alert: Why Tablet Security Matters - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
Featured Resource
This white paper focuses on the critical need to manage outbound content sent via various avenues including email, Instant Messages, text messages, tweets, and Facebook posts. Read More
