Talking at the Black Hat security conference in Las Vegas, experts Charlie Miller and Collin Mulliner say they've discovered a bug in the iPhone's approach to SMS that exposes it completely to remote control through a subsequent hack, including the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.
The technique involves sending only one unusual text character or else a series of "invisible" messages that confuse the phone and open the door to attack. Because users won't know whose messages to block in advance, there's little iPhone owners can do but to shut off the phone immediately if they suspect they're at risk -- a real problem as the trick could also be used to make an iPhone send more messages of its own.
"Someone could pretty quickly take over every iPhone in the world with this," Miller claimed to Forbes on Wednesday.
An extra vulnerability would simply be used to frustrate individual owners and would use a series of SMS messages to keep the iPhone offline for 10 seconds at a time, creating the mobile equivalent of a denial of service attack for as long as the malicious programmer saw fit.
Both of the experts reiterated that they notified Apple of the flaws roughly a month ago. In its typically silent approach to security, however, the company hasn't issued an update to patch either of the security breaches and hasn't provided an update on whether or not it can release a patch before the end of the month.
Regardless of the Cupertino firm's response, the new exploits underscore a small but noteworthy history of security risks that, among others, have included a since-fixed Safari flaw that would compromise an iPhone just by visiting a website with hidden but hostile code.
Apple is all the same not isolated from these sorts of issues. Google's Android in its current form is vulnerable to the same 10-second knockout as the iPhone, and Windows Mobile can also be controlled through a burst of text messages.