Easy iPhone Hack Demonstrated
Smartphones are computing devices with vulnerabilities like any other computing devices. But in case anyone still thinks the Apple iPhone is some how different in that regard, check out a video by Rik Farrow a Unix security professional. He used Metasploit to turn an iPhone into an eavesdropping device and show how to access email, listen to voice mail, and plant malware.
A Fast Company article provides more examples of exploits (although not enough details to do it yourself) and notes:
As a result, there are a number of ways to exploit the iPhone's defenses. If you know your target's phone number, you could text message a link to a malicious Website, which would covertly install a third-party application executing malicious code. The corollary would be to send your target an e-mail with a nefarious attachment; he clicks on it and the attacker "owns" the phone. Or there's always the "man-in-the-middle" (MITM) attack, which is perhaps the most James Bondian: You sit in, say, Starbucks with a laptop set up, as part of the ruse, to operate as a Wi-Fi access point, so a target's Web browsing and e-mail pass through your computer first. (How can you tell who has an iPhone as opposed to someone with a standard laptop, rival smartphone, or PDA? Simple -- the exploit only works on iPhones.) "This method would allow exploitation of any application that downloads images from the Internet," Moore says. "This covers standard Web-browsing using Safari, but also includes the iTunes Music Store, the YouTube video browser, and the Google Maps application."
Their motto may be think different, but Apple's device can be hacked similarly to everyone else's.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
