iPhone SMS Security Vulnerability to Be Disclosed Today
Forbes reports that cybersecurity researchers plan to publicize today at the Black Hat conference in Las Vegas a security vulnerability in the iPhone SMS messaging system that reportedly would allow hackers to in theory "take over every iPhone in the world".
Using a flaw they've found in the iPhone's handling of text messages, the researchers say they'll demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone's functions. That includes dialing the phone, visiting Web sites, turning on the device's camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.
According to the report, researchers Charlie Miller and Collin Mulliner notified Apple of the vulnerability over a month ago, but the company has yet to issue a patch for it.
Miller was the lead researcher behind an effort that discovered a vulnerability in the original iPhone soon after its 2007 launch, a flaw that Apple addressed with the release of iPhone OS 1.0.1 just two days before Miller was set to publicize his findings at that year's Black Hat conference.