Posted by: Arian Eigen Heald
data security, information, mobile phone security
Articles are being released today about a flaw discovered by security researchers Charlie Miller and Collin Mulliner. They informed Apple a month ago about this flaw, but no fix had been issued. So they decided to go public at the Black Hat conference with a demo of just how easy it is to take over an iPhone. The demo will be done today and I’m sure details of how to do it will be flying. From here, it sounds like a buffer overflow.
Experts are warning that a text message containing a square character means someone is in the process of taking over the phone. They recommend that you shut down the phone immediately and “wait awhile.”
I suppose they think waiting awhile will motivate the hacker to move on to other iPhones. I’d suggest, however, that you turn OFF text messaging until they get this fixed. Shocking to some, I know, but it would be much more shocking to have all your information compromised.
Have a new iPhone with 3G? You can visit a site on YouTube that demonstrates the ease of bypassing both the passcode and the encrypted backup. He has a number of other videos that are equally painful.
Once again, security has taken a backseat to speedy software development. Now Apple is getting a lot (more) bad press.