iPhone SMS Vulnerability Found, Getting Patched

A chink in the iPhone's armor? Say it ain't so! During a presentation at the SyScan conference in Singapore, security researcher Charlie Miller made clear that there was a significant vulnerability in the iPhone's SMS system, a flaw that could "allow an attacker to remotely install and run unsigned software code with root access to the phone."

Of course, it's likely that this won't be exploited en masse, but the sheer fact that so many iPhones are out there makes this a fairly serious risk. According to Miller, the attack "exploits a weakness in the way iPhones handle text messages received via SMS (Short Message Service)," but due to a prearranged agreement with Apple to keep the details out of the press, he refused to say more. In fairness, we're glad that he's passing the evidence on to Apple so it can fix the problem before it becomes something more serious. For those unfamiliar with the name, Charlie Miller is a renowned expert on Mac OS X security, so while he's credited with finding the gap, he's certainly a "good guy" in all of this.

The only details Miller had were as follows: "The SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator's network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet."

Miller is planning to detail the hole more at the Black Hat USA security expo in Las Vegas later this year, which gives Apple a short window of time to patch the vulnerability. If all goes as planned, Apple will actually have a fix ready "later this month," but exact details on when said patch will arrive have yet to be disclosed. Miller did admit that even "despite the SMS vulnerability, the stripped-down version of MacOS X used in the iPhone makes it more secure than computers running the full-blown operating system." In other words, hackers cannot exploit the phone via Adobe Flash (yet, anyway) or Java as you can on a PC or Mac, but the fact that there are still gaps for ill-willed souls to exploit makes one wonder if there are any other cracks that have yet to be plugged up.

Indeed, if a hacker were to gain access to the iPhone via this hack, they could--in theory--access the root account. With other potential hacks, which enter via the Web browser or similar, hackers can only get as far as the "sandbox." By accessing the root, it's possible to control most any aspect of the smartphone, thus enabling hackers to completely invade an owner's privacy. Scary stuff for sure, but hopefully the security experts in Cupertino will have this all taken care of before anything malicious happens.