iPhone users beware. At the Black Hat conference in Las Vegas last night, a pair of security experts released information about a security flaw in Apple's popular cell phone. The flaw could let hackers take control of a remote iPhone by simply text-messaging it. Reuters explains:
The researchers showed the audience how to break into iPhones by sending computer code via the phone's SMS system. Mobile phones use SMS to send and receive text messages along with software upgrades. They said that the phone's users cannot detect that it is receiving the malicious code. . . .
They have successfully tested the hacks on iPhones running on networks of four carriers in Germany along with AT&T Inc in the United States. They said they believed the methods will work with iPhone carriers around the world.
Now that they've made the hole public, security analyst Charlie Miller and Ph.D. student Collin Mulliner say hackers could write software to exploit it "within about two weeks." Scary.
So, why tell the world instead of working quietly with Apple on a fix? Actually, it seems they've already tried that—Reuters says Miller and Mulliner approached the company "in the middle of July." (Another report says "more than a month ago.") However, Apple has yet to issue a fix. Mulliner comments, "If we don't talk about it, somebody is going to do it silently. The bad guys are going to do it no matter what."
The pair found a similar flaw in the Android operating system, Reuters adds. Google apparently proved more responsive, patching the flaw after receiving their warning. (Thanks to TR reader Dale for the heads-up.)
Update 2:01 PM: Apple reportedly plans to issue a fix tomorrow.
Update 2:56 PM: The fix is now available through iTunes.
|1. BIF - $340||2. Ryu Connor - $250||3. mbutrovich - $250|
|4. YetAnotherGeek2 - $200||5. End User - $150||6. Captain Ned - $100|
|7. Anonymous Gerbil - $100||8. Bill Door - $100||9. ericfulmer - $100|
|10. dkanter - $100|
|LG UltraFine 4K and 5K displays are the new Apple monitors||28|
|Cuplex Kryos Next water block is heaven for control freaks||0|
|OWC Ministack places up to 6TB of storage atop Mac Minis||4|
|Gigabyte lets loose a flurry of BIOS updates with Kaby Lake support||1|
|Deals of the week: a GTX 1080, photography gear, and more||4|
|Geil Evo X memory kits with RGB LED lighting are now available||15|
|GeForce 375.70 drivers gear up for a raft of triple-A titles||4|
|AMD announces Radeon Pro drivers with scheduled releases||6|
|We're giving away our Aimpad R5 review unit||22|