John Paczkowski

Recent Posts by John Paczkowski

iPhone to Support Third-Party Security Exploit Applications

header.jpgHere’s an unintended, but perhaps inevitable, corollary to the iPhone’s success: the proof-of-concept security exploit. Researchers at Independent Security Evaluators have discovered a vulnerability that could give an attacker unfettered access to an iPhone, with administrator privileges, and they have written a bit of code to demonstrate it. “In our proof of concept, this code reads the log of SMS messages, the address book, the call history and the voice-mail data,” the ISE team explains. “However, this code could be replaced with code that does anything that the iPhone can do. It could send the user’s mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.”

The vulnerability, which can be exploited by an attacker-controlled WiFi point or Web page, hasn’t yet been reported in the wild. And Apple’s working on a fix for it. That said, we’re certain to see others in the months ahead now that the iPhone has been proved vulnerable.

“Anything as complex as a computer–which is what this phone is–is going to have vulnerabilities,” Johns Hopkins professor Avi Rubin told the New York Times. “The irony is that the more popular something is, the more insecure it becomes, because popularity paints a large target on its back.”

Added Steven M. Bellovin, a professor of computer science at Columbia University, “It’s not the end of the world; it’s not the end of the iPhone. It is a sign that you cannot let down your guard. It is a sign that we need to build software and systems better.”


Twitter’s Tanking

December 30, 2013 at 6:49 am PT

2013 Was a Good Year for Chromebooks

December 29, 2013 at 2:12 pm PT

BlackBerry Pulls Latest Twitter for BB10 Update

December 29, 2013 at 5:58 am PT

Apple CEO Tim Cook Made $4.25 Million This Year

December 28, 2013 at 12:05 pm PT

Latest Video

View all videos »

Search »

Just as the atom bomb was the weapon that was supposed to render war obsolete, the Internet seems like capitalism’s ultimate feat of self-destructive genius, an economic doomsday device rendering it impossible for anyone to ever make a profit off anything again. It’s especially hopeless for those whose work is easily digitized and accessed free of charge.

— Author Tim Kreider on not getting paid for one’s work