iPhone, Apple PCs 'vulnerable to hackers'
New York, July 24, 2007
The iPhone and Apple Inc.'s desktop computers may be vulnerable to hackers due to a flaw in their Web browser, according to a security firm.
The firm said it had found a way to hack into the iPhone.
Baltimore-based Independent Security Evaluators, which tests its clients' computer security by hacking it, said three employees found a way to take control of iPhones through a Wi-Fi link or by tricking users into going to a Web site.
Charles Miller, principal security analyst at the firm, said a security weakness allows someone to take control of Apple's Safari Web browser and see other applications on the device at the same time, which could potentially make users of Macintosh desktop computers vulnerable to attacks.
'The same problem actually exists on Apple's desktops,' said Miller. But he added that while his firm had identified the risk for both desktops and phones, it had written only the code necessary to hack into the iPhone.
The security consultants, who took about a week and a half to work out the move, said they were able to take control of an iPhone and make calls or send text messages, as well as access e-mails, voice-mail, address books and call and Web browsing history.
Miller said his company gave details about the hack and a potential security patch to Apple, but did not publicly release the details.
'We're looking into the report submitted by (Integrated Security Evaluators) and we always welcome feedback on how to improve our security,' Apple spokeswoman Lynn Fox said.
Miller said Apple could have avoided the risk by eliminating links between the browser and other applications.
'It turns out that on the iPhone there are probably some basic things they could have done that would have made it better,' said Miller.
The claim comes almost two months after Apple and AT&T Inc started selling Apple's first cell phone, which includes a music and video player as well as a Web browser. As many as 700,000 iPhones were sold on the first weekend after the June 29 launch, according to analyst estimates.
Days after launch, a well-known hacker Jon Johansen, claimed to have overcome restrictions on the iPhone, allowing highly technical users to bypass AT&T's network to use the phone's Internet and music features. While cell phones have not historically been as vulnerable to attack as desktop computers, some experts worry that phones take on greater risks as they add more computer-like features.-Reuters
More IT & Telecommunications Stories
- Cyber threats focus of Bahrain security talks
- Bahrain tech expo to honour innovators
- Scope ME named distributor for InfoWatch
- Nawras quadruples 3G+ mobile services
- Menatelecom expands bill paying network
- Du joins new global cable consortium
- Kuwait moves to create telecoms watchdog
- Batelco backs Royal Fund for Martyrs
- Egypt's Global Telecom posts $749m Q4 loss
- Red Hat launches open source BPM suite
- Batelco announces new board
- Batelco offers improved broadband
- You don't own phone numbers, warns TRA
- Tech giants back top Qatar ICT event
- Du to provide wifi access in public areas
- Zain finalises $800m, five-year loan facility
- Ooredoo Q4 net profit falls 36pc to $140m
- Mobily, Etisalat team up for LTE roaming
- Batelco approves $84m dividends for 2013
- Etisalat Q4 profit rises 70pc to $394m
- Kenya telecom firm to join Etisalat SmartHub
- Aruba appoints new sales director
- Du enters $1.17 billion financing deals
- VIVA extends 4G LTE offer
- Batelco to update students with latest technologies
- Etisalat SmartHub seals IPX agreement
- Etisalat picks Alcatel for LTE network expansion
- Boeing, QCRI host machine learning forum
- Mobily provides 4G LTE international roaming
- Viva Kuwait, Huawei to set up innovation centre