Monday, March 29, 2010

Smartphone Security - Part 4

In CanSecWest Pwn2Own 2010, researchers were able to break in a fully patched IPhone using unknown Safari vulnerability, it took them 2 weeks to find the vulnerability and write the exploit and took them 20 seconds to hijack the entire SMS database and uploaded it to a server.

The researchers claim that they can also hijack the emails and photos using the same vulnerability.

Vulnerability details will be disclosed after releasing a patch by Apple, as per the press release.

Whatever the details of the vulnerability is, it is a fact that finding a vulnerability is not that difficult, and considering the growing market share of the smartphones, with more and more powerful hardware, the problem of smartphone security will be a big issue.

You may want to check Part 1, 2, 3 of related smartphone security issues.

No comments: