iPhone Security Flaw Discovered

Through a bug in the SMS in fact, the device may be attacked and then run a program without user intervention. In the case of Jailbroken devices, this program would take the Administrator privileges.

Do you know who Charlie Miller is? Well, Charlie is a hacker who, during the Pwn2Own event, took full control of a Mac in just 2 seconds using a security flaw in Safari. Impressed? Oh well…

Charlie moved his attention on the iPhone and in particular to a security problem in the management of SMS that allows hackers to send malicious code without user intervention.

Through a bug in the SMS in fact, the device may be attacked and then run a program without user intervention. In the case of Jailbroken devices, this program would take the Administrator privileges.

Mr Miller has also held (during the conference Syscan Singapore) that Apple is already at work in search of a remedy. Basically, despite the limited number of characters available in 1 SMS you can send a small program in binary form through multiple consecutive messages.

Finally, Miller argues that the Jailbreak eliminates about 80% of the protection system Apple, for which an iPhone is even more vulnerable to this problem.