iPhone Security: Latest Hack Not So Scary Author: Eric Everson, Founder MyMobiSafe.com
To read the headlines, one would think that the “hack of hacks” had emerged on the iPhone. While there are some vulnerabilities within the iPhone OS, this latest scare is not likely to affect the masses.
This attack wherein hundreds (and yes, that is an “s” on the end of hundreds) of SMS control messages must be sent to an individual handset, is a hack that is best demonstrated in a controlled environment. To this avail if any one of these hundreds of SMS messages is removed or otherwise deleted from the handset before all the commands are in place, this entire hack is defunct. This hack works very similarly to the old fashioned DoS (Denial of Service) hacks that have been around for decades, the primary point of differentiation is simply that this one takes place on the iPhone.
The likelihood of your iPhone being subjected to this labor intensive attack today is seemingly implausible. In all reality you are way more likely to destroy your iPhone by dropping it today than by losing it to this latest hack.
One of the more interesting pieces of tomorrow’s mobile security puzzle is embedded in the physical architecture of tomorrow’s handsets. Today, touch-screens are considered relatively new technology, thus they use the same power supply and “sand box” (the brain of the handset) as the rest of the handset. In turn this makes them way more susceptible to attacks as a hacker’s first target is to disable user control via attacking the touch-screen. Differentiating the core operating components for touch-screen technology is one way to keep mobile users in control of their handsets even under the worst attacks.
Naturally, as my work with iPhone security issues predates the 2007 launch of the iPhone, I’ve been getting many emails asking me about the threat level of this latest hack. Despite being one of the most popular handset brands in the media, the reality is that iPhone market share is just above 10% on a global basis. Compared to a smartphone manufacturer like Nokia which controls over 40% of the market, there are far fewer users on the iPhone.
Malicious hackers generally like to develop code that targets the broadest user base, so in reality with a suite of Nokia Mobile SDK’s (Software Development Kits) available, the Nokia community might be at greater risk for attack. Nokia phones despite their many security strengths are no less susceptible to the JavaMite movement that is becoming popularized throughout networks of malicious mobile hackers.
As “The MobileTech” I am keeping the mobile security industry honest! Feel free to continue emailing me with your mobile questions.
Your go-to guy in innovative tech, Eric Everson aka “The MobileTech”
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.