Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Apple / Iworld

Iworld

iPhone a.k.a. The Not Secure Apple Device

SPI Labs informs users about iPhone vulnerability

By Bogdan Popa, Security and Search Engines Editor

18th of July 2007, 10:28 GMT

Adjust text size:


The Apple iPhone
Enlarge picture
The folks from SPI Labs informed the users about a critical vulnerability discovered in Apple's iPhone that might harm the owners and the data stored on the handheld device. According to the reports, there is a security flaw in Apple iPhone's Safari that can permit an attacker discover the phone calls and track the dialed numbers. In addition, a malicious user can manipulate the iPhone in order to place anonymous phone calls without owners' approval. SPI Labs said the attacks can be launched from a dangerous
website.

"For example, an attacker could determine that a specific website visitor "Bob" has called an embarrassing number such as an escort service. An attacker can also trick or force Bob into dialing any other telephone number without his consent such a 900-number owned by the attacker or an international number. Finally, an attacker can lock Bob's phone forcing Bob to either make the call or hard-reset his phone resulting in possible data loss," SPI Labs wrote.

It seems like the folks from SPI Labs already informed the parent company Apple about the existence of the flaw and the engineers are currently working to fix it. Also, you're encouraged to avoid using the in-built Safari browser because an attacker could be able to discover the dialed telephone number.

Apple's iPhone was released on June 29 and was one of the most awaited products powered by the Cupertino company. Just after a few days after the launch date, the Internet users discovered some security holes in the handheld device that proved us we're not safe using the iPhone. However, today's vulnerability raises new security concerns as users' private information might be accessed by any dangerous attacker on the Internet.

"These types of attacks can be launched from a malicious website, from a legitimate website that has Cross-Site Scripting vulnerabilities, or as part of a payload of a web application worm," SPI Labs also mentioned in the advisory.

TAGS:

 apple | iphone | security | vulnerability


Rating:
Fair (2.4/5) 7 vote(s) so far    

Read by 0 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


The iPhone Saga

LG Prada Is Apple iPhone Killer?

No AT&T iPhone Insurance?

Verizon CEO Is Not Scared of The iPhone

iPhone Window Displays Appear in Apple Stores

Storing Data on an iPhone

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive