July 22, 2007 8:55 AM PDT

iPhone flaw lets hackers take over, security firm says

A team of computer security consultants says it has found a flaw in the Apple iPhone that allows them to take control of the device.
The New York Times

The story "iPhone flaw lets hackers take over, security firm says" published July 22, 2007 at 8:55 AM is no longer available on CNET News.

Content from The New York Times expires after 7 days.

67 comments

Join the conversation!
Add your comment
Let the annoying pointless flaming begin!
I'll start:

"Obviously this shows that Apple is no better than anyone else"
'No it doesn't!'
"Yes it does!"
'No it doesn't'
"Yes it does!"
'No it doesn't and you're fat ugly and stupid'
"Yeah, well my OS can beat up your OS!"
lather, rinse, repeat.
Posted by rapier1 (2722 comments )
Reply Link Flag
Somethimes fun though
I have to admit that I click on apple/microsoft stories, not to read the articles, but to laugh at the goofballs who echo the dialog you just sampled.
Posted by shoffmueller (236 comments )
Link Flag
iBug
Too bad... I thought it would at least be a month before something like this was found for the iPhone. I guess even Apple can get careless when they quickly develop a mobile operating system...
Posted by mithodge (4 comments )
Reply Link Flag
I'm curious
If this exploit is found on the iPhone which is running OS X, does it mean the same thing can happen to a Mac running OS X too?

Somehow I doubt it, but.... ?
Posted by Vegaman_Dan (6683 comments )
Link Flag
Stupid defensive remark regarding Windows Mobile
These Apple worshipers (including reporters) can't resist dragging Microsoft technology into the issue. When will people learn that no, and I mean no, operating system or software application is immune from attack and probably never will be. Therefore, Apple is just another computer software and hardware vendor--nothing special.
Posted by WJeansonne (480 comments )
Reply Link Flag
What about Macs
Maybe the author should have speculated about whether the flaw affects other Macs as well. Both run OSX right? Stands to reason that Macs can be exploited in the same fashion. Maybe even PC's that are runnig Safari.

Apple wanted attention. Well they have it now. If enough bugs are found, maybe the fanboys will accept the fact that Apple creates software just like everyone else. There are no gods working for Steve Jobs.
Posted by NewsReader_ (280 comments )
Link Flag
So true. I havnt seen a single exploit on Windows Mobile
So true. I havnt seen a single exploit on Windows Mobile

Not like Symbian and Linux based OSs where you have a zillion patches and vulnerabilities to worry about. Symbian in particular has loads of virues and Malware floating around,
Posted by richto (895 comments )
Link Flag
True
But as usual you are missing the important point.

You don't see script kiddies breaking into non-windows systems.

It takes a lot of effort and knowledge to legitimately compromise a *nix machine.

That is NOT the case with windows.

If you can't see the difference, well I am not surprised.

If this gets fixed quickly and without incident then not much has changed. It certainly doesn't let the criminally incompetent Microsoft off the hook.
Posted by qwerty75 (1164 comments )
Link Flag
I'm not worried about it.
I'm sure Apple will get it taken care of, and I've heard nothing of
anyone actually having their iPhone hacked. Not to say it won't
happen, it's definitely possible. But Apple's iPhone support is
outstanding, I know somoene who was extremely satisfied with it,
so I have to assume they will take care of any legitimate security
issues as they are discovered.

<a class="jive-link-external" href="http://www.pisceandelusions.org" target="_newWindow">http://www.pisceandelusions.org</a>
Posted by pisceandelusions (5 comments )
Reply Link Flag
* Nothing to do with story . . . *
Nice web page fellow Piscean ;-)
Posted by K.P.C. (227 comments )
Link Flag
The important bit of this story...
I guess you ALL missed the important bit of this story:
"Windows gets hacked all the time not because it is more insecure than Apple, but because 95 percent of computer users are on Windows," he said. "The other 5 percent have enjoyed a honeymoon that will eventually come to an end."

The iPhone is becoming a victim of its own success, he said. "The irony is that the more popular something is, the more insecure it becomes, because popularity paints a large target on its back."

Welcome to (in)security hell, Apple! ;-)
Posted by aemarques (162 comments )
Reply Link Flag
Re: The important bit of this story...
Yea yea yea...
For the same reason Unix and Linux Servers outnumbered Window
Servers yet Window Servers were the ones that were most often
compromised..? Sorry, but it's been long proven that it's not a
market percentage which gets one OS targeted more than another.
It's the ease of which even young hackers have been frequently able
to remotely gain entry into a Window's based computer.
Posted by imacpwr (456 comments )
Link Flag
Security through obscurity myth
Hmm, I wonder what percentage of cell-phones, or heck even
smart-phones, are iPhones? It couldn't be 95 percent already,
could it? ;-)
Posted by dejo (182 comments )
Link Flag
You hit the nail right on the head.
How funny will it be when Apple has a dominant share of the
smartphone market...
Posted by morubio (1 comment )
Link Flag
Look at the obsession of iPhone fans !
So call die-hard iPhone fan can't even allow a security flaw to be reported and say they don't care. If this device is so expensive and is suppose to be become universal over the years than it has to perform as expected.
I own one now and its the best tech device I have seen but then again it just barely makes for the price with its flaws, and these reports add up to it.
Alright, now over to the 'fans' ...
Posted by csg7 (81 comments )
Reply Link Flag
Hardly a surprise. Full of Holes, Just like MacOSX and Safari.
Hardly a surprise that it's full of Holes, Just like MacOSX and Safari.
Posted by richto (895 comments )
Reply Link Flag
You right. Almost as much is Windows and IE
You right. Almost as much is Windows and IE
Posted by nmcphers (261 comments )
Link Flag
Hardly a surprise indeed
I guess the fact that there are no exploits in the wild for OSX over 5+ years is meaningless?
Posted by qwerty75 (1164 comments )
Link Flag
Why did you go there?
This article was going fine discussing a flaw in the iPhone,
specifically Safari until you decided to MacOS vs. Windows thing.

Fine, look at the facts: there are zero, 0, nada, zip viruses/
malware for Mac OSX. Don't trust me, ask your AV vendor of
choice.

OSX has been out since what 2001? Six years and counting...
that sounds like a helluva "black target" doesn't it.

As virus writers/skiddies/black-hats are in it for self-
agrandizement, what better feather in your cap than to be the
first to write a virus for Mac OSX?

I use Windows, I use Mac, I use Linux. I know each of their
strengths and weaknesses.

Anyone who says a UNIX based OS has no viruses/malware/etc.
because of it's installed numbers simply doesn't know what they
are talking about. UNIX is a completely different architecture
which is not susceptible in the same ways as Windows.

Don't trust me, please, do the research yourself.
Posted by catbutt5 (91 comments )
Reply Link Flag
What an ignorant statement
"The irony is that the more popular something is, the more insecure it becomes, because popularity paints a large target on its back."

Security and popularity have nothing to do with each other. If this security flaw is valid, it would still be a security flaw if they only sold a small handful. Given the sparse details, it looks like it is a relatively simple attack to carry out, which is the real reason that systems get attacked.

It is unlikely that you will see 12 year old script kiddies successfully compromising non-Windows based systems anytime soon. That is where Windows fails. No system is 100% safe from attacks, but that doesn't mean that technically ignorant people should be able to easily attack the system.

If his ridiculous statement were true then Apache would be getting hacked all the time, instead of Windows server offerings.

This might not necessarily affect desktop machine. there are undoubtedly significant modifications on the iPhone version.
Posted by qwerty75 (1164 comments )
Reply Link Flag
statistics
For the people wanting statistics but don't know how to search at secunia.com:

Windows Server: 10,278 viruses listed This includes the entire Windows Server family

Apache: 49 listed virus This includes, not only the traditional Apache but other servers like Struts and Tomcat(Servlet/JSP).

The interesting thing is that Windows Server has 517 advisories listed and Apache 402. So much for the all flaws are equal argument.

For completeness IIS has 46 advisories and 802 viruses, and is much, much younger then Apache.

But yeah, popularity and security problems are related.
Posted by qwerty75 (1164 comments )
Link Flag
popularity
Depending on how independent the report is statistics for Apache market share, varies. But they all agree on one thing: they have the majority share by a wide margin.
Posted by qwerty75 (1164 comments )
Link Flag
popularity
Depending on how independent the report is statistics for Apache market share, varies. But they all agree on one thing: they have the majority share by a wide margin.
Posted by qwerty75 (1164 comments )
Link Flag
Talk about ignorant!
"It is unlikely that you will see 12 year old script kiddies successfully compromising non-Windows based systems anytime soon. "

How about the 12 yo script kiddies who have been trashing *nix based web servers for years? How many sites have been defaced and databases wiped out on non-windows servers? MILLIONS.

Please get a clue.

The reason there's no successful virii on MacOS is because there's just not enough of them to allow for propagation. If a virus sends itself to everyone in a person's address book - particularly at businesses - they'd be unlikely to even reach one mac. A virus cant spread that way. Same with other OS's.
Posted by LuvThatCO2 (187 comments )
Link Flag
iPhone over-hyped, over-rated!
I love watching Apple fanboys flip out.

I dont get this whole iPhone hype - other than the multi-touch, what isnt already available on a Win mobile phone? The 'HTC Touch' and several other of their phones meet, if not exceed, the feature spec of an iphone - and they've been doing that for years on their phones. The iphone doesnt even have bluetooth file transfer, not to mention the programming interface isnt 'open' making 3rd party apps scarce... that makes the iPhone basically a fancy paper weight in my book. My motorola has an mp3 player &#38; full bluetooth (all profiles). The iphone cant match that? Plus the suckers I know who bought an iPhone say the phone's reception and clarity is awful. Meanwhile, my motorola is better than a land line.

Over-rated!
Posted by LuvThatCO2 (187 comments )
Reply Link Flag
Who's flippin'?
I'll tell ya who - M$ fanboyz.
M$ announces it's weekly holes/patches.
M$ announces yet another HUGE hardware recall.
Who stood in line for a Zune?
Who stood in line for Windows mobile?
Answer?
Nobody.
Look at Apple's stock. It's high for good reason - great
products and support.
Perfect?
Heck no.
Better than most?
Yes.

Seems you M$ fanboyz are the ones in a tizzy. :)
Posted by sciontcya (643 comments )
Link Flag
Proof Of Concept
A security company which I never heard of before finds and uses an exploit in the iphone to show off how smart they are and get themselves alot of free publicity. Did I nail it right the first time?

Just like Microsoft or Apple, the flaw in their software is found and fixed and life continues.
Posted by thedreaming (573 comments )
Reply Link Flag
this bug will never hit me but!
I am so angry that I can't use attachments!

So hackers can use attachments but normal users can't?

I could throw away my work pc if apple enabled the use of attachments.
Posted by inachu (963 comments )
Reply Link Flag
LMAO
Choked on some water bt thanks for the laugh
Posted by nuckelhedd (70 comments )
Link Flag
Yawn! Again...
nt
Posted by Kings X Rocks! (89 comments )
Reply Link Flag
Now Hackers Can Have A Slow Connection Too
Pity the hacker that takes over a iPhone and has to do his criminal work at dial-up speeds.
Posted by Xenu7-214951314497503184010868 (153 comments )
Reply Link Flag
Hear Hear!
nt
Posted by Kings X Rocks! (89 comments )
Link Flag
Soon you will all be able to toss your iphone to next river
Soon Google is coming with Google Cell Phone, wich will have all google services such as gmail, google maps, search etc.

I think the right thing to do right now is buy a relevant domain names like those sell on ebay:

<a class="jive-link-external" href="http://cgi.ebay.com/Google-Cellular-Google-Cell-Phone-com-8-domain-names_W0QQitemZ120144690732QQihZ002QQcategoryZ11153QQssPageNameZWDVWQQrdZ1QQcmdZViewItem" target="_newWindow">http://cgi.ebay.com/Google-Cellular-Google-Cell-Phone-com-8-domain-names_W0QQitemZ120144690732QQihZ002QQcategoryZ11153QQssPageNameZWDVWQQrdZ1QQcmdZViewItem</a>
Posted by erezhustla (14 comments )
Reply Link Flag
iPhone Security Hole Patched
GoTrusted just launched a new iPhone Security Service that encrypts your internet communications over WiFi networks. The best part is, it?s FREE!

<a class="jive-link-external" href="http://www.gotrusted.com" target="_newWindow">http://www.gotrusted.com</a>
Posted by intro27 (2 comments )
Reply Link Flag
GoTrusted Patches iPhone Security Hole
GoTrusted just launched a new iPhone Security Service that encrypts your internet communications over WiFi networks. The best part is, it?s FREE!

<a class="jive-link-external" href="http://www.gotrusted.com" target="_newWindow">http://www.gotrusted.com</a>
Posted by intro27 (2 comments )
Reply Link Flag
PEOPLE PEOPLE... Calm the blank down....AS long as something is a piece of technology, it will have flaws.

No Matter if it is Mac or Windows it will have them.. I have had both the HTC 8525 and now thew iPhone..Both have had there fair share of annoying problems..

\BUt look at the BIG PICTURE, you guys fighting about it online is like being retarded..No matter who "THINKS" they won your still both RETARDED
Posted by BigMike707 (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.