http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/ Engadget Comments for Apple patching nasty iPhone SMS vulnerability http://www.engadget.com/media/feedlogo.gif http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:04PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Unless you have a 3GS, 3.0 runs like crap on the iPhone3G.]]>Jul 2nd 2009 1:10PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
I second that.. my 3G runs like crap since I've upgraded to 3.0. Maybe Apple thinks they can force everyone to upgrade to the 3GS if they slow down the old ones enough..]]>Jul 2nd 2009 1:17PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:21PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Thanks for the advice!]]>Jul 2nd 2009 1:30PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 2:02PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 2:03PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 2:03PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Faraday cage iPhone case, anyone??? :)

]]>Jul 2nd 2009 2:22PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 2:37PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 3:48PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
I knew this thing was shit, but wow! How could that have ever seemed like a good idea?]]>Jul 2nd 2009 4:00PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Pot, meet kettle... ]]>Jul 2nd 2009 4:32PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 4:41PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:06PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:36PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:07PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:17PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
It doesn't matter that operators use SMS for backend settings. How often does a carrier turn on your camera or microphone? Apple knows what the SMS messages are used for since they wrote the interface and they should have put measures in place so that SMS only allowed valid command syntax. You're trying to excuse Apple here when they have no excuse.]]>Jul 2nd 2009 1:27PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
agree w/ you 100%, there's no justification for something like this...]]>Jul 2nd 2009 1:32PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:32PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
]]>Jul 2nd 2009 1:36PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Think that could be right?]]>Jul 2nd 2009 1:37PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
I agree. It really sounds like a bad programming decision. I can't really picture someone writing code for SMS that could possibly control the phone other than telling you "THIS MEETING SUCKS LOLZ" and not thinking what would happen if someone manipulated it.]]>Jul 2nd 2009 1:47PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:49PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 2:00PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
How about this post from 2006?
http://www.noeman.org/gsm/trash-section/15714-mobile-phone-hacking-via-sms-etc.html
How about this from 2007?
http://www.gizmowatch.com/entry/an-incredible-diy-mod-hack-your-camera-phone-through-a-sms/
How about this from April?
http://www.maximumpc.com/article/news/sms_hack_could_hijack_cell_phones]]>Jul 2nd 2009 2:09PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
How do you think IE gets exploited? It's not just HTML an such - everything ends up in memory at some point, if it's in the wrong place then it may be exploitable

just because this is in SMS doesn't mean it couldn't be elsewhere - just that the other apps don't manipulate the data in the same way]]>Jul 2nd 2009 2:36PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Which supports someone elses reasoning on why this simple hack was left unchecked if its a known problem with other phones. ]]>Jul 2nd 2009 3:37PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
No, the MobileMe service functions over the data connection. This is probably the same as any other hack, meaning the hacker is able to run his own code on the main processor via a flaw in the SMS handling protocols. And as you know, the processor controls everything.]]>Jul 2nd 2009 4:05PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
@sweet greggo it's not that no one cares that there are few iphone hacks or Mac hacks even it's because those that write the viruses usually write them on macs as part of their twisted love affair with Apple. :(

People have been steadily trying to hack into every ones iphone since day one. Jailbreak and install Veency and see how many attacks you get an hour. It's disgusting how attempts to gain entrance into your device you will see. Veency makes it possible to seet he attacks because it will not allow a connection with out on device approval, but the attacks are pretty steady on all network connections. Think of all those people with bank passwords and credit card info on their iphones that they think is safe because they have it with them. Ummm no! The thing is Apple does not want people to know exactly how unsafe their information is. It's not safe on any device. If it makes it easier for you to get into your bank account or use your credit card it also makes it easier for hackers and thieves to get at your information and use it. Why isn't this breaking news? Well because people would stop using the devices if they truly knew how vulnerable they were. Why is this story now main stream? Well because now that push is active Apple can drop the use of the sms style of information sending and reporting, so the hole can have a light shined on it since they can now close it due to no use for it any longer. Apple would not be closing one hole with out creating another, so once this hole is closed your information is still going to be just as vulnerable. Hackers and thieve will always find away! Even if they have to go to work for major corporations and build the ways into the things meant to keep them out. People seem to underestimate the sheer patience and devotion that those that want whats yours have. IF you think push is so kewl think again, because it's a constant connection with your device. It's an open window for nefarious people to just climb right in and root around. It's being said that jailbreaking only makes this easier,but when one jailbreaks the device they then have the control to close as many holes as possible should they chose to. So I take that info as a sort of disinformation.

With all that said I repeat this is not a new exploit. It's just an old hidden exploit that's time has come and gone, and Apple feels is now safe to discuss. Anyone remember the boom video? You logged on on your iPhone and it then crashed your device. Too much info and system overload? Or Apple testing the Kill Switch?

I can hear it now, but Apple didn't release the information some Hacker did. He's not a hacker he's a techno safety consultant. Hackers don't sell their exploits to people that will use them to seal the hole. Hackers use the exploit till they can no longer safely use it, or they sell the exploit to underworld no gooders that use it to rob people. Any one that shows up to any of these hacking contests is not a hacker and I doubt they ever come up with a new exploit, but merely take what they have found in the underground and make it public. They are more like hacker journalist than hackers, but I'm sure they erk some people in the process. It's like tax attornies. they don't work for the IRS, because they know there is more money to be made on the other side of the law.

It's a smartphone of course someone can remotely turn on the gps , or camera or mic, or rummage through all your information. Think about that all would be criminals that have to have the latest and greatest cell/smartphone. ]]>Jul 2nd 2009 5:57PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 6:12PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/]]>Jul 2nd 2009 1:09PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:14PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Doesn't yours?]]>Jul 2nd 2009 10:59PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 3rd 2009 6:15AMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Imagine if they can also control the cam and start taking pictures of you and put them on a "bad" site or something. ]]>Jul 2nd 2009 1:08PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:23PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:20PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:13PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:30PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
So what about the mobileMe exploit?]]>Jul 2nd 2009 1:36PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
Ok, so the MobileMe was exploited for Trojan.]]>Jul 2nd 2009 1:38PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:44PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:47PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:50PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.kaspersky.com/viruswatchlite?search_virus=osx&hour_offset=-2]]>Jul 2nd 2009 1:52PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/So OSX has Trojans n Malware, but because its Virus-proof that makes it all better?
So what's you view on Asbestos? It gives you cancer, but at least its Fire-proof eh?]]>Jul 2nd 2009 1:54PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/Jul 2nd 2009 1:54PMhttp://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/http://www.engadget.com/2009/07/02/apple-patching-nasty-iphone-sms-vulnerability/
I guess I didn't make myself clear enough. It doesn't matter if a viruses can be written for the Mac or not.

NO. ONE. CARES.]]>Jul 2nd 2009 2:15PM