Engineer Crashes the iPhone
Zambrini isn’t releasing the technical details of the bug right now, but Forbes.com was able to confirm that the bug Zambrini found did in fact crash the latest generation of iPhones. The bug is in the audio portion of Apple’s video format. A person who knows of the bug could potentially incorporate it into a video file and trigger a crash whenever that file is accessed. Most of Apple’s operating systems and some Linux operating systems share this bug, which is located in a shared code library. The bug doesn’t appear to cause any permanent damage, but we all know how annoying a lengthy reboot process can be, especially if our phone crashes when we’re expecting a call. Zambrini says he has sent an email to Jobs explaining the bug, but hasn’t contacted Apple’s security response team.
This 38-year-old security expert isn’t trying to attack Apple. In fact, he’s a fan of Steve Jobs and Apple’s marketing prowess. He even goes so far as to call Jobs a genius. Ironically enough, Zambrini applied for an iPhone security engineer position at Apple about the same time as he discovered the bug. The company hasn’t responded to his resume. Even though he applied, Zambrini isn’t really aiming to work for Apple. Instead, he says, “Just maybe a chat with someone there—with Steve Jobs if possible—could lead to anything.” Zambrini first gained fame last year when he created Ziphone, a widespread application that unlocks iPhones so that they can be used on carriers other than AT&T.
Although Zambrini hasn’t found potential within the bug for malicious applications like arbitrary code injection, he hasn’t completely ruled it out, ether. Zambrini and another security expert are currently looking into this possibility which would enable remote hackers to compromise a device.
Thankfully, most of us have been pretty immune to mobile phone hacks (except for maybe Paris Hilton, and we all know how well that ended up…) Let’s hope Apple and other manufacturers keep security tight, or else we’re all in trouble.