iPhone hacked in Pwn2Own contest02: 30 25/03/2010, Mike Schramm, block, attack, blog, code, database, hack, hacked, hacking, Halvar phlipp-Flake, iPhone, Pwn2Own, Ralf - Weinmann, sms, Vincenzo - Iozzo, The Unofficial Apple Weblog (TUAW)
Filed under: Security
An iPhone is hacked in just 20 seconds into the hacking contest this week in Pwn2Own CanSecWest 2010, reports ZDNet's Ryan Naraine. Hackers Vincenzo Iozzo, Ralf Philipp Weinmann give an exploit that allowed stations to send an iPhone to a website they created online, then copied from the SMS database all on the iPhone (including deleted text messages) to their own server. The browser crashed during the raid, but the hackers are saying that with a little tweaking, it is still possible to catch the information without the user ever knowing that the attack had occurred. Halvar Flake also helped with the hack, and said that while Apple has some protection in place to execute malicious code on the iPhone, but not enough: "The way that the implementation of code signing is too lenient. " You can see more technical information on the hack over on his blog.
The hackers do not share exactly how they did the deed - as specified by the contest rules, knowledge of the hack is becoming property of the sponsor of the contest, the shift from Ground Zero Day Initiative, which will send a report to Apple and only details of the version once the hole has been fixed. Safari and Internet Explorer 8 has so much property in the same conference, though details about those hacks are both next - Tipping Point is offering up to $ 100,000 in awards for these accomplishments in various programs, and it seems that the prize money has been well earned.
TUAWiPhone hacked in contest Pwn2Own originally appeared in the Unofficial Apple Weblog (TUAW) on Wed, 24 Mar 2010 20:30:00 EST. Please see our terms of use of feed.
Read | Permalink | Email this | Comments
Suscribirse a:
Enviar comentarios (Atom)
No hay comentarios:
Publicar un comentario