iPhone security

Apple Completes iPhone Browser Security Fix

Apple has already developed a patch for the iOS 4 Mobile Safari exploit revealed by JailbreakMe. The security hole affects all iPhones, whether they are jailbroken or not. Malicious code could possibly take over the iPhone and steal personal information by taking advantage of weaknesses in the PDF display code built into Safari.

Currently, the only known software to take advantage of the exploit is the JailbreakMe 2.0 application, which loads itself into the iPhone via Safari and jailbreaks the device. The procedure has been described as brilliant and also scary by security experts who have been studying the inner workings of the code.

JailbreakMe Reveals Security Flaw on All iPhones

Comex's release of in-browser jailbreaking software for the iPhone has revealed a major security hole in all iPhones. Turns out the exploit used to download and install the jailbreak in Mobile Safari could also be used by malicious programmers to install spyware or other data-stealing software on iOS.

apple iphone 4 in-store jailbreak 0xcharlie

By creating a jailbreak procedure that can be performed anywhere (pictured above by 0xcharlie in the Apple Store) Comex has also made it clear that Apple has some security patching work ahead. What happens is that anytime a PDF file is accessed from the Safari browser, the PDF is capable of running programs that would normally be prevented from execution.

Spyware Threatens All iPhones

Users with jailbroken iPhones are not the only ones that need to worry about security threats. According to iPhone developer Nicolas Seriot personal data on all iPhones is easily accessible with standard Application Programming Interfaces (APIs).

iphone spyware

Malicious code could easily be sneaked into the AppStore past Apple's reviewers. SpyPhone, a proof-of-concept application, shows that personal data such as Contacts can be easily compromised.

Pages

Subscribe to RSS - iPhone security