Security

Ikee Virus Infects Australian iPhones

Rickrolling has finally made it to the iPhone. The first known iPhone worm has been released in Australia, spreading from phone to phone over the network. Only jailbroken iPhones running SSH with the default root password are affected.

iphone worm ikee

The ikee worm exploits this security weakness to infiltrate the iPhone file system and search for other jailbroken iPhones in the vicinity. The malware also changes the lockscreen wallpaper to a photo of 80s pop icon Rick Astley with the message "ikee is never going to give you up."

How do I change my iPhone root password?

Jailbreakers everywhere should be aware that the default root password from Apple is "alpine" and presents a security threat if SSH is installed. SSH can be uninstalled or switched off when not in use, however changing the password once will solve the problem.

To change your root password and help prevent unauthorized access to your iPhone:

1. Connect to your iPhone using SSH on your computer.
2. Type 'passwd' without the quotes at the command prompt and press return.

Apple iPhone Firmware 3.0.1 Available Now

Apple has released version 3.0.1 of the iPhone OS software. This fixes the recently revealed SMS security flaw. The security hole was illustrated on Thursday by Charlie Miller at the Black Hat 2009 conference in Las Vegas.

iPhone owners can download and install the 3.0.1 update using iTunes immediately. Left unpatched, the problem makes it possible for iPhones to receive malicious binary programs through SMS messages without the user's knowledge.

Apple Expected to Release iPhone SMS Fix

A massive iPhone security flaw was illustrated on Thursday by Charlie Miller and Collin Mulliner at the Black Hat 2009 conference in Las Vegas. Word of the demonstration had been brewing for days, however Apple has remained silent on the issue.

The problem makes it possible for iPhones to receive binary programs through SMS messages without the user's knowledge. These programs can then give someone using the exploit complete control over the device.

iPhone 3GS Security Weakness

If you thought your iPhone 3GS was more secure than the original iPhone or the iPhone 3G, think again. iPhone developer and hacker extraordinaire Jonathan Zdziarski says the encryption Apple has implemented on the iPhone 3GS is next to worthless.

With many businesses, higher education institutions, and government agencies starting to use the iPhone, Zdziarski cites poor encryption as cause for concern. In a demonstration to Wired, he pulled live sensitive data from an iPhone 3GS using readily available free software in only two minutes.

Pages

Subscribe to RSS - Security