iPhone SMS hack to be unveiled for all to see
30th Jul 2009 | 14:27
'Researcher' Charlie Miller to reveal all at conference
An SMS message that lets hackers take over iPhones remotely is set to be exposed at a Black Hat conference.
The flaw allows the hacker to gain access to nearly all access of the phone, meaning the camera, browser and phone functions can be remotely used.
Charlie Miller, the security researcher who uncovered the flaw (along with fellow researcher Collin Mulliner) says he has notified Apple to the problem, and the company hasn't (yet) responded with a patch.
The hack works by sending 512 text messages to a phone (although only one is visible) and then using an exploit in software to let the code from the text overrun into other parts of the phone.
The symbol on the one message could actually be changed to anything, so the person wouldn't know they've been the victim of an attack.
The hack will then use the phone to send texts to other users, meaning if left unchecked it could easily spread around the world.
The duo both say they've given Apple more time than ever to respond to the attack, yet it hasn't released a patch, so will be going ahead and revealing the exploit.
They've also found a similar problem with Windows Mobile, but admit they only found that last week and haven't notified Microsoft as yet.