Hot on HuffPost Tech:

See More Stories
Free Switched iPhone app - try it now!
AOL Tech

Pwn2Own: fully-patched iPhone hacked, SMSes downloaded via website

phone

Vincenzo Iozzo and Ralf Philipp Weinmann, a couple of European security researchers, just demonstrated a zero-day hack on a fully-patched iPhone as part of Pwn2Own. Once an iPhone user is lured to a malicious web page, their entire SMS database is uploaded onto the server without them realizing it -- including deleted SMSes.

Currently the hack crashes Safari, but they claim that given enough time, they could make it so Safari doesn't even crash. The upload process takes about 20 seconds, and it took them two week to develop the exploit itself. Now let's see when Apple releases a patch for Safari.

Opera for iPhone, anyone?

[Via: ZDnet via Neowin]
Share StumbleUpon.com

Tags: apple, hacking, iphone, privacy, pwn2own, security

Comments

2