Suspected PayPal Hackers Seek Deal To Stay Out Of Prison
2 Men Arrested After Teen Was Run Over For His iPad
Pwn2Own: fully-patched iPhone hacked, SMSes downloaded via website
Vincenzo Iozzo and Ralf Philipp Weinmann, a couple of European security researchers, just demonstrated a zero-day hack on a fully-patched iPhone as part of Pwn2Own. Once an iPhone user is lured to a malicious web page, their entire SMS database is uploaded onto the server without them realizing it -- including deleted SMSes.
Currently the hack crashes Safari, but they claim that given enough time, they could make it so Safari doesn't even crash. The upload process takes about 20 seconds, and it took them two week to develop the exploit itself. Now let's see when Apple releases a patch for Safari.
Opera for iPhone, anyone?
[Via: ZDnet via Neowin]
Comments
2
Subscribe to commentsBuggerMar 25th 2010 3:34PM
Seems like this is a good reason to allow alternative browser in the iPhone other than WebKit based browser,
Brian!Mar 25th 2010 3:48PM
Funny how over on Engadget iPhone defenders love to claim that the iPhone's closed system is unhackable. Good think Apple likes to protect their customers from choices!