iPhone hacked in less than a month?
Apple's iPhone has been on the market for less than a month, but already researchers have claimed to have hacked the popular device.
Security researchers from Maryland-based penetration testing firm Independent Security Evaluators (ISE) say they have written two exploits that take advantage of "serious problems with the design and implementation of security on the iPhone". They claim that one of the exploits, for the Safari Web browser on the iPhone, could be used for stealing data.
The researchers used an unmodified iPhone to surf to a malicious HTML document they had created. When this page was viewed, the payload forced the iPhone to make an outbound connection to a server that the researchers controlled. The compromised iPhone then sent personal data including SMS text messages, contact information, call history and voicemail information over the connection.
The second exploit created by the researchers enabled them to perform so-called "physical actions" on the iPhone. Using their iPhone to visit a second malicious Web page, they forced the device to "vibrate for a second".
They also raised the spectre of premium-rate rogue-dialler fraud, and the use of the iPhone as a bugging device. By using other API functions, the researchers claimed the exploit could have "dialled phone numbers, sent text messages or recorded audio as a bugging device, and transmitted it over the network for later collection by a malicious party".
The security researchers claim that the iPhone's "most glaring" security fault is that all major processes run with administrative privileges. This is a problem because a compromise of any application gives an attacker full access to the device.
The number of ways the iPhone can be attacked has been reduced by stripping down OS X. But, as on the desktop version of OS X, iPhone software does not utilise security practices such as address randomisation, which would make exploiting the operating system more difficult, said the researchers.
"These weaknesses allow for the easy development of stable exploit code once a vulnerability is discovered," the researchers wrote in a whitepaper. They said they were unwilling to divulge any more details about the exploits until the Black Hat security conference in Las Vegas in August, because Apple was only notified of their research findings on 17 July.
In response to news of the hack, Apple said: "Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users."
Tom Espiner reported for ZDNet UK from London.