February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Who Falls For Phishing? | Main | Podcast with Symantec: Lessons Learned From 25 Years in the Security Trenches »

July 24, 2007
iPhone Hacked -- What Now?

Just had a friend visit from out of town, and as he’s usually up on the latest and greatest gadgetry, he came toting the new iPhone. As you would expect with something from Apple, the iPhone is a beaut. Great interface, and as my friend’s father recently got one as well -- his father only recently went digital, and he's gotten up-to-speed in less than a couple of weeks -- proving the iPhone’s ease-of-use.

My friend marveled at how the iPhone immediately integrates other people’s email and phone info into a simple database without the need to cut-and-paste the info. But with the recent news that iPhone has been hacked, maybe that isn’t such a great feature.

According to the ISE, the iPhone browser contains a serious vulnerability that could give control of the iPhone, and all of the sensitive information contained within, over to someone just by visiting a malicious website. This is because, for ease of use, Apple chose to allow everything to run on the iPhone as the same user. While smartphones do the same thing, Microsoft has gone to great trouble to upgrade Vista to protect against these same vulnerabilities.

While the full details of the flaw are not yet available, the vulnerability appears to be the same that’s been plaguing browsers for years. That means, by getting you to visit a hacked website or a malicious WiFi network or to click on a bad link in an email, malware on the site can make Safari execute a bad command. As the New York Times demonstrated, the command could gather the personal data on the iPhone and send it back to the hacker.

As the iPhone ads continue to insist, it’s not a version of the Internet, it’s the Internet, and to achieve that they chose simplicity over security. To put it simply, that ease and simplicity works just as well for hackers. So what to do?

Simply follow standard procedure for any device wired to the Internet. Keep up to date with patches and updates, only connect to WiFi in places you trust, do not store critical information or passwords on the iPhone, and never open emails from unknown sources with uncertain links.

Tag: iPhone, Safari, patches, malware


Tags:

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2155

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map