[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 379: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
FTA-N-More.Net • View topic - Security breach gives complete access to iPhone
Login    Forum    Search    FAQ     Radio

Board index » General Technology Discussions

It is currently Mon Apr 29, 2024 3:43 am
All times are UTC - 5 hours
View unanswered posts | View active topics
 



Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 

Security breach gives complete access to iPhone

Author Message
hsh
 Post Posted: Sat Aug 07, 2010 7:43 am 
Offline
EVEN MORE OF A Contributing Member
User avatar

Joined: Sun May 02, 2010 11:47 am
Posts: 240
Location: da bedroom
Right now, if you visit a web page and load a simple PDF file, you may give total control of your iPhone, iPod Touch or iPad to a hacker. The security bug affects all iOS4 devices and the iPad.

The vulnerability is easily exploitable. In fact, the latest one-click, no-computer-required jailbreak solution for iOS 4 devices uses this same method to break Apple's own security (although in a completely benign way for the user).

How it works
It just requires the user to visit a Web address using Safari. The website can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.

The result is that, without any user intervention whatsoever, that program can do whatever it wants inside your iPhone, iPod Touch or iPad. Anything you can imagine: Delete files, transmit files, install programs running on the background that can monitor your actions ... anything can be done.

This is not the first time that something similar has happened. At the beginning of the iPhone's life there was a problem with TIFF files that also caused the same security breach. Apple patched the bug after a while, but back then there were very few iPhones compared to the current installed base. Apple says that there are 100 million iPhones, iPod touches, and iPads in the world. Obviously, malicious hackers are racing to get a slice of that market.

How can you avoid it?
Right now, the easiest way to avoid this problem is by not going to any PDF links directly and not loading any PDF from any non-trusted source.

You can also jailbreak your iPhone and install a program that will ask for authorization every time your browser encounters a PDF (just look for "PDF loading warner" in Cydia).

_________________


Those that know, don't tell. And those that tell, don't know.

So say what you mean, and mean what you say.

And if its ain't broke, don't fix it.
Top 
 Profile  
 
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 

Board index » General Technology Discussions

It is currently Mon Apr 29, 2024 3:43 am
All times are UTC - 5 hours
View unanswered posts | View active topics
 

Who is online

Users browsing this forum: No registered users and 47 guests

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron