NY Times: iPhone Flaw Lets Hackers Take Over

The New York Times published an article today which paints a fairly scathing picture of security on the iPhone. According to the article, hackers are able to gain total control over your iPhone either via a WiFi connection or by tricking users into visiting a particular web site. Given the information revealed within the article, many users may decide to use their iPhone less freely, out of concern of having the wealth personal information an iPhone may contain exposed or otherwise having their phone exploited.

According to the team of security experts who found the iPhone exploits, a firm named Independent Security Evaluators, once you were able to break through the iPhone's security, the phone and it's contents were an open book. "Once you did manage to find a hole, you were in complete control," said Charles Miller, principle security analyst for the firm.

Apple has indicated that they take iPhone security very seriously and cited their track record of rapidly responding to detected vulnerabilities.

The article contains details of a demonstration by I.S.E. in which the NY Times' reporter's cellphone is exploited after visiting a website. Subsequently, recent SMS text messages, contact information, and more from the cellphone are transmitted to the hacker's computer. The experts added that they could "get any file they want", have the phone make calls, or even act as a bugging device.

The following video demonstrates the exploit:

Further details on the exploit are available at exploitingiphone.com. You can read the full NY Times article here.

Comments

I'm surprised no one has taken advantage of this already.

Obviously it must be very difficult to do or people would be stealing IDs constantly.

My good god, that's a creepy hand holding that iPhone.