SMS hack could leave "every" iPhone vulnerable
A single character sent by text message could allegedly compromise every iPhone released to date.
Talking at the Black Hat security conference in Las Vegas, experts Charlie Miller and Collin Mulliner say they've discovered a bug in the iPhone's approach to SMS that exposes it completely to remote control through a subsequent hack, including the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.
The technique involves sending only one unusual text character or else a series of "invisible" messages that confuse the phone and open the door to attack. Because users won't know whose messages to block in advance, there's little iPhone owners can do but to shut off the phone immediately if they suspect they're at risk -- a real problem as the trick could also be used to make an iPhone send more messages of its own.
"Someone could pretty quickly take over every iPhone in the world with this," Miller claimed to Forbes on Wednesday.
An extra vulnerability would simply be used to frustrate individual owners and would use a series of SMS messages to keep the iPhone offline for 10 seconds at a time, creating the mobile equivalent of a denial of service attack for as long as the malicious programmer saw fit.
Both of the experts reiterated that they notified Apple of the flaws roughly a month ago. In its typically silent approach to security, however, the company hasn't issued an update to patch either of the security breaches and hasn't provided an update on whether or not it can release a patch before the end of the month.
Regardless of the Cupertino firm's response, the new exploits underscore a small but noteworthy history of security risks that, among others, have included a since-fixed Safari flaw that would compromise an iPhone just by visiting a website with hidden but hostile code.
Apple is all the same not isolated from these sorts of issues. Google's Android in its current form is vulnerable to the same 10-second knockout as the iPhone, and Windows Mobile can also be controlled through a burst of text messages.
Talking at the Black Hat security conference in Las Vegas, experts Charlie Miller and Collin Mulliner say they've discovered a bug in the iPhone's approach to SMS that exposes it completely to remote control through a subsequent hack, including the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.
The technique involves sending only one unusual text character or else a series of "invisible" messages that confuse the phone and open the door to attack. Because users won't know whose messages to block in advance, there's little iPhone owners can do but to shut off the phone immediately if they suspect they're at risk -- a real problem as the trick could also be used to make an iPhone send more messages of its own.
"Someone could pretty quickly take over every iPhone in the world with this," Miller claimed to Forbes on Wednesday.
An extra vulnerability would simply be used to frustrate individual owners and would use a series of SMS messages to keep the iPhone offline for 10 seconds at a time, creating the mobile equivalent of a denial of service attack for as long as the malicious programmer saw fit.
Both of the experts reiterated that they notified Apple of the flaws roughly a month ago. In its typically silent approach to security, however, the company hasn't issued an update to patch either of the security breaches and hasn't provided an update on whether or not it can release a patch before the end of the month.
Regardless of the Cupertino firm's response, the new exploits underscore a small but noteworthy history of security risks that, among others, have included a since-fixed Safari flaw that would compromise an iPhone just by visiting a website with hidden but hostile code.
Apple is all the same not isolated from these sorts of issues. Google's Android in its current form is vulnerable to the same 10-second knockout as the iPhone, and Windows Mobile can also be controlled through a burst of text messages.
Comments
I don't think it's the money that's a problem for me, it's just the total lack of control and it just seems like a potential way to rack up my bill without my permission and I can't do much of anything about it without spending even more time and money.
I hope this isn't true. As it is, I already resent the fact that I have to accept SMS messages as part of the service (for $0.20 a pop) and have no control that I've seen to block or only accept messages from certain people. I can choose not to accept a phone call, not so with SMS that I've found. I get the message and I'm automatically charged for it.
I don't think it's the money that's a problem for me, it's just the total lack of control and it just seems like a potential way to rack up my bill without my permission and I can't do much of anything about it without spending even more time and money.
You can choose to block all texts -- just tell your wireless carrier to block all text messages, and they will be blocked.
I agree that this sounds a wee bit hokey -- invisible texts or strange characters? I'm not sure that makes much of any sense, but I'm no expert -- I can only hope.
I hope this isn't true. As it is, I already resent the fact that I have to accept SMS messages as part of the service (for $0.20 a pop) and have no control that I've seen to block or only accept messages from certain people. I can choose not to accept a phone call, not so with SMS that I've found. I get the message and I'm automatically charged for it.
I don't think it's the money that's a problem for me, it's just the total lack of control and it just seems like a potential way to rack up my bill without my permission and I can't do much of anything about it without spending even more time and money.
Agreed. I think it's only us here in the States that are forced into this pay as you receive garbage. I'm not sure, but maybe anyone in other countries can verify you are pay for outgoing only by law? It should be a requirement by law, imo. Paying for incoming is dumb.
I hope this isn't true. As it is, I already resent the fact that I have to accept SMS messages as part of the service (for $0.20 a pop) and have no control that I've seen to block or only accept messages from certain people. I can choose not to accept a phone call, not so with SMS that I've found. I get the message and I'm automatically charged for it.
I don't think it's the money that's a problem for me, it's just the total lack of control and it just seems like a potential way to rack up my bill without my permission and I can't do much of anything about it without spending even more time and money.
Precisely why I'm waiting for the T-Mobile iPhone... at least on the plan I have, T-Mobile gives a courtesy 50 SMS and that covers those all important text messages I receive from unknown senders who like to send messages like the following...
"Just because! lol"
If AT&T thinks I'm paying them .20¢ for that, they have a whole other thing coming!
"Someone could pretty quickly take over every iPhone in the world with this,"
Has anyone received an SMS text message requesting... "one hundred million dollars" (put finger to mouth)...
Sounds like Dr. Evil! Where is Austin Powers when you need him?!
Agreed. I think it's only us here in the States that are forced into this pay as you receive garbage. I'm not sure, but maybe anyone in other countries can verify you are pay for outgoing only by law? It should be a requirement by law, imo. Paying for incoming is dumb.
You are correct. In Australia it would be considered disgusting to charge someone for something they didn't request, or have any control over.
Basically, if you are in control over the charge, thats fair. If you are out of control, then anyone can make you lose as much money as they like. That isn't your choice, and that would be considered ludicrous.
Well, that's the difference between the US and the rest of civilized world. Nothing here is considered disgusting if it will make someone a profit.
I was shocked when I found out you guys have to pay to receive text messages. And on top of that, that it's an astronomical $0.20 per message! I'm on a pay-as-you-go tariff (no monthly fee), and it costs me nothing to receive and only 4p (less than $0.07) to send a text.
Not only that - I have to pay when somebody calls ME! And while we are at it.... What about those roaming charges. I am in Canada and if I go to Europe I have to pay 3 cents per KB. That's 30 dollars per MB. Anyone have any clue what the mark-up is on that?
Did the security experts mention any fix? Or any way to know if your phone has been compromised?
There's an app for that!
If you are out of control, then anyone can make you lose as much money as they like. That isn't your choice, and that would be considered ludicrous.
AT&T themselves could contract with some third party to blast out text messages to all of their customers.
Not that this is likely to happen without serious scrutiny, but imagine if they did it on a partial basis every other month or so, so as to merely appear as a 'nuisance'. Multiply their user base by $.20 and do the math...
I feel like this hasn't been a good couple of weeks for Apple. First the Foxconn suicide, then the Google Voice fiasco, now this. I'm not saying anything about Apple's responsibility in any of these, but just from a PR standpoint it's been quite a lot of crap in a very short period of time.
As long as Apple's stock is on the rise... Don't worry, it's hard to keep a good company down... (I know I inserted the word "company" in lieu of "man" but it seemed to fit).
You guys have to pay to receive a text message? That's the stupidest thing I've ever heard.
Pretty much. It's even worse than this:
http://www.youtube.com/watch?v=Zrpx4NAtsFQ
You guys have to pay to receive a text message? That's the stupidest thing I've ever heard.
...we have to pay to receive a call too! That's in the GREATEST nation in the world where everything is free and everyone can go to the moon if they want;-)
That's the stupidest thing I've ever heard.
That's not as stupid as the people who actually pay it.
Anybody who bends over and lets AT&T have its way with them is asking to be double charged for text messages.