iPhones, like computers, could be hijacked and used to spread spam if the device's owner visits a doctored website or Internet hotspot, security researchers reported recently.
The vulnerability of Apple Inc.'s popular only theoretical for now. There are no reports of criminals actually taking advantage of the security glitch to remotely access an iPhone.
But if it were exploited, hijacked iPhones could be very useful to the same gangs that take over personal computers and use them to disseminate spam, said Charlie Miller, principal security analyst at Independent Security Evaluators, which discovered the flaw.
"You could have a million iPhones dialing the company's main line and overwhelm it that way," Miller said.
Hijacked iPhones could also be used to send spam by cell-phone text message, which computers generally can't. Any personal data on the phones, such as private phone numbers and text messages, would be accessible as well.
The flaw applies not only to the iPhone, which was launched just three weeks ago, but also to Apple computers running Mac OS and the company's Safari Web browser, a version of which comes with the iPhone. It does not affect Safari running on Microsoft Corp.'s Windows systems.
Miller and the rest of the ISE team, which included Jake Honoroff and Joshua Mason, discovered holes in the security of the iPhone within minutes of getting their hands on their boss' phone.
"He didn't really want to let us do it, but eventually he gave in, and we poked around with it for a few minutes, and already saw some things that could make the programs crash," Miller said.
The researchers at Baltimore-based ISE haven't released the specifics of the vulnerability to the public, but have provided details to Apple and supplied the company with a patch, a software update for plugging the hole.
Source: Xinhua/agencies
|
Comment
Tell A Friend
Print Format
Save Article