A team of computer security researchers at the Baltimore-based Independent Security Evaluators (ISE) said they have found a flaw in Apple's popular new iPhone that would allow an attacker to gain full access to the device.
The vulnerability -- a buffer overflow -- lies in the Safari web browser built into the iPhone, said Charlie Miller, the principal security analyst for the firm.
The hack, which allows attackers to tap the wealth of personal information the phones contain, can be activated through a malicious Web site, a Wi-Fi access point or a link sent to the phone through e-mail or a text message.
After it's activated, an attacker can make the phone transmit files or passwords, run up wireless services or even record audio and relay it back to the attacker.
Although Apple built considerable security measures into its device, said Miller, "Once you did manage to find a hole, you were in complete control." The firm alerted Apple about the vulnerability and recommended a software patch that could solve the problem.
Though browser vulnerabilities are not uncommon, Miller believes that this one is particularly bad because of weaknesses in the underlying security architecture of the iPhone.
Apple's approach, he said, appears to have focused on limiting the applications on the device and restricting how it can be accessed, rather than handling those applications in a secure fashion.
A spokeswoman for Apple, Lynn Fox, said, "Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users."
Hackers around the world have been trying to unveil the secrets of the iPhone since its release last month; most have focused their efforts on unlocking the phone from its sole wireless provider, AT&T, and getting unauthorized programs to run on it. The iPhone is a closed system that cannot accept outside programs and can be used only on the AT&T network.
The Independent Security Evaluators researchers cracked the phone's software in a week, said Aviel D. Rubin, the firm's founder.
Rubin said the research was not intended to show the iPhone was necessarily more vulnerable to hacking than other phones.
"Anything as complex as a computer -- which is what this phone is -- is going to have vulnerabilities," he said.
Source: Xinhua/agencies