IPhone SMS vulnerability, demonstration at the Black Hat Conference – Macitynet.it
At the Black Hat conference in Las Vegas, security expert Mac Charlie Miller will offer a demonstration of an attack on iPhone via SMS. The announcement of the demo is not new: Miller had already announced at the beginning of July that he had identified a flaw in the management of SMS in iPhone OS that allows to send malicious code, divided into several messages, which can then be run without any intervention by the user.
SMS are an incredible attack system against smartphones and cell phones, Miller said, stating that all it takes to launch the attack is the phone number: the user does not need to click on a link or anything else. Other security expert interventions are planned in the Black Hat conference program that show how it is possible to attack smartphones and cell phones. For example, a demonstration by Lackey and Miras illustrates how to send SMS for device settings, a type of message usually sent only by mobile operators and thanks to which the attacker can change the phone settings.
In his first statements Miller explained that he had signed a non-disclosure agreement with Apple, thus avoiding to provide details on the operation of the attack, at least until Apple had made a patch to resolve the flaw. The demonstration by Miller in Las Vegas expected in a day, so it is very likely that Apple will make the patch available shortly within the next few hours.
It remains to be seen how Apple will fix the bug. The announcement could mean that Cupertino is close to the launch of iPhone Os 3.1