Mobile

iPhone SMS Security Flaw Could Allow ‘Every iPhone’ To Be Hijacked

Apparently, there’s a security flaw on the iPhone that allows it to be hijacked via SMS. And when, hijacked, your phone can then hijack all other iPhones in your contacts list. I think you see where this is going.

The flaw involves invisible SMS bursts that allow hackers to gain total control over your phone. The two dudes who discovered it plan on unveiling it at the Black Hat conference on Thursday. They say they told Apple about it a month ago, but nothing’s been done.

So how do you prevent your phone from being hijacked? Well, if you get a text containing only a single square character, turn your phone off. Fast.

Hey Apple, wanna fix this please? That’d be great. Thanks. [Forbes]

Discuss

(6 Comments)
  • [–]

    matt

    Thursday, July 30, 2009 at 9:30 AM

    seriously WTF!, thats like the most rudimentary security flaw i’ve ever herd of! i’m surprised yelling ‘break’ into the mic doesn’t crash the phone!

    Reply
  • [–]

    sERAPHIM

    Thursday, July 30, 2009 at 10:34 AM

    @ matt -

    LMAO! Just don’t try that with the 3GS, or you might be horrifically surprised.

    Reply
  • [–]

    Dr_Stef

    Thursday, July 30, 2009 at 10:50 AM

    They knew about it too a couple of months ago apparently. Never fixed it.

    I guess it must be tiring, approving all
    those useful apps that measure how good you are at sex. No time for fixing no sir!

    Reply
    • [–]

      Jar

      Thursday, July 30, 2009 at 12:16 PM

      if you get a text containing only a single square character and you turn off the phone, what do you do after that? leave it off? or can you turn it back on?

      Reply
      • [–]

        matt

        Thursday, July 30, 2009 at 2:22 PM

        LOL, no, fraid thats its, throw it out and get a new one…

        actually i’m pretty sure when i first heard about this all they said was that it crashes the phone when viewed, this lead them to believe that someone COULD use the same thing to hack the phone(cause if somethings crashing the phone, it could be cause they were overwriting code, which could theoretically be used to override it with a hack that can take control of it) , but they hadn’t tried it, looks like they MAY have tried it now. so, if it just crashes your phone, it might be fine, just need to restart it, but if you did get a virus through it, you could fix it by resetting to factory defaults or something thru itunes (i don’t have one).

        the article seems to suggest that it may take more than one message, and that similar problems exist in android and winmo, this is pathetic, but the problem could also be fixed by the carriers filtering out the clearly infected text messages.

        I wouldn’t hold your breath for apple fixing it anytime soon either, did they ever fix that java exploit in OSX? if so, they still took months to respond…

        Reply
  • [–]

    Thomas Hambleton

    Thursday, July 30, 2009 at 1:12 PM

    I forsooth something like this happening with the larger proliferation of “smart” phones. Will be interesting to see where this goes…

    Reply

Join The Discussion

Subscribe Contact