iPhone crashing bug could lead to serious exploit

This story was updated to correct factual errors contained in an IDG News article that first reported the vulnerability. If you own an iPhone, security researcher Charlie Miller can knock it off the network. And if his hunch is right, he just might be able to do a lot more, at least until Apple fixes the flaw. Exploiting a …

COMMENTS

This topic is closed for new posts.
  1. ElReg!comments!Pierre
    Black Helicopters

    Not a bug

    It's a feature. It's to monitor terrorist activity. The iPhone was just a prototype, the same tech will soon be mandatory in every handset sold in democratic countries such as China, Iran, or the US. The same tech was supposed to be deployed in France too, but after 2 months of country-wide strikes and demonstrations, including Apple's own Steve Jobs sequestration*, the plan was scrapped. HMG's best techies are working on a similar technology, which will be available in 10 to 20 years and will cost 200 billion pounds more than expected. Nothing to see there, move along.

    *you thought he was having a kidney transplantation, didn't you? Well, he wasn't.

  2. Brfff
    FAIL

    Just ...

    remove T21 basic service (SM-MT) from the subscriber's profile. Seems a major nuisance though as they won't be able to receive SMs anymore

  3. James O'Brien
    Coffee/keyboard

    @ElReg!comments!Pierre

    Sorry but you owe me a keyboard :)

  4. Anonymous Coward
    Jobs Horns

    I knew you wouldn't let me down...

    This is turning into iPhone fault per day...

    So far this week...

    Overheating

    Yellow screens

    GPS inaccuracies

    SMS remote shutdown

    Will you have anything for us tomorrow, I know it's a weekend, but come on, if you have something please don't make me wait until Monday!

    @ElReg!comments!Pierre

    "you thought he was having a kidney transplantation, didn't you? Well, he wasn't."

    Correct, he wasn't... It was his liver!

  5. Anonymous Coward
    Anonymous Coward

    Oh deary...

    That ivory tower the fanbois all sit in is looking a little more Pisa like every day now...

    Perhaps the reason it's tilting so badly is that there are so many of them.

    Still, take heart guys, at least you'll have more than your fair share of estate agents to flog the remains to some poor sucker and it'll look just fabulous....

  6. Sekundra
    Thumb Up

    Not a bug

    Sir

    I salute you - that's awesome.

  7. King Edward I

    To block SMS...

    Wrap your phone in tin foil :P

  8. Anonymous Coward
    Troll

    rong!!!!

    hai guys

    OMG, dat is rong. Appil producks r supa specil oresum. dey neva brake or hav problims ok!

    get it rite regista

    K thnx bi!

    LOL

    xxxxxxxxxx

  9. Stuza
    Jobs Halo

    @ AC 4:53

    lololol indeed it is. Keep em coming, always good to giggle....

  10. M A Walters
    Happy

    @AC 04:53

    "Correct, he wasn't... It was his liver!"

    Good one! :-)

  11. Anonymous Coward
    Anonymous Coward

    @ac

    what about the overheating issue if ambient temperature is hot. Not that we're in a heat wave or anything.

  12. Martin 75

    @AC 04:53

    Don't worry though - it's not a Microsoft Product so nobody will tell you they are basically wank.

    4 comments? Imagine if this was a Windows Mobile Based Phone. Ohh lordy it would get all the retards out of the woodwork telling us how great their Ubuntu phone is.

  13. tiggertaebo
    Alert

    anyone taking any bets?

    On how long before the first fanboy tells us that it doesn't matter as no-one on the iPhone needs SMS cos they have e-mail right?

    Seriously though I would hope Apple take this one a little more seriously than the OSX Java vuln that it took them months to allow users to get the patch for. Has there been any word on when the crash triggers? Does the user have to open the affected text or is merely receiving it enough?

    The amount of iPhone issues discovered of late - and more importantly the amount of coverage they have received is interesting, is this truly a lower-standard product from Apple or is it that they are now just experiencing the results of having a wide market share beyond the traditional cultists (who are usually very forgiving of whatever products their chosen religion puts out)?

    IMHO in recent years Apple have started buying into their own hype and have taken their eye off the ball when it comes to quality control and if they continue to stick their head in the sand every time then I can't see it ending well!

  14. Annihilator
    Paris Hilton

    Details

    All OS flavours? All hardware varieties?

  15. Alien8n

    @ the iPhone haters

    To be fair the iPhone is still the most reliable phone I've had. All phones have vulnerabilities, so finding one in the iPhone isn't much of a surprise. What is a surprise is that it's so easy to trigger, however since an sms shows where it's come from it should be relatively simple to trace any would be hackers.

    Only 2 things I dislike so far, no bluetooth to other phones, and no way of setting my existing mp3s to be ringtones. Instead I have to buy an mp3 that I already own and get it converted via itunes.

  16. Doc Spock

    Similar to Nokia Bug?

    I wonder if the bug is similar in nature to the "Curse of Silence" DoS bug that affected certain Nokia S60 phones?

    https://berlin.ccc.de/~tobias/cos/s60-curse-of-silence-advisory.txt

    Basically, ill-formed messages are being parsed incorrectly, resulting in unexpected consequences (from the manufacturer's perspective).

  17. Scott Mckenzie
    Thumb Up

    @Alien8n

    Careful, that was a reasoned argument...

    I totally agree with what you've pointed out, for reference I'm still waiting for a firmware to fix several issues with a HTC Touch Diamond... it's only been 12 months. At least Apple acknowledge the faults and do something to actively fix them.... I'd much rather have that personally.

    As for MP3's as ringtones... easily done, just a little convoluted! http://forums.macrumors.com/showthread.php?t=351495

  18. Dave 142

    @Alien8n

    If you have a Mac then you can drag an MP3 into Garageband, set a small loop from within the MP3 and then select export to ringtones. It'll send it to iTunes and you can SYNC next time you plug the phone in. It won't work with DRM'd stuff though, obviously. I imagine there's something that'll do the same job in Windows too.

  19. Andrew Woodvine

    Barring SMS

    Bar incoming SMS: *35*barring code*16#[SEND]

  20. Anonymous Coward
    Anonymous Coward

    @Andrew Woodvine

    And I assume your solution for over heating is

    Holding down the sleep/wake button at the top right-hand corner of the iPhone for a few seconds.

    Push slider across to right...

  21. Anonymous Coward
    FAIL

    Nokia also has SMS bug

    Nokia S60 devices have also had - as mentioned - dodgy SMS parsing. great times.

    anyway, more important is that these new handsets are starting to come with 'wipe clean' remote functionality - eg if phone stolen you can send a code to wipe the phones settings and data - now imagine if this sort of hack can access that feature - far worse for some than a simple 'No network' - you lose your contacts etc while out and about

  22. ElReg!comments!Pierre

    @ I knew you wouldn't let me down...

    >>"you thought he was having a kidney transplantation, didn't you? Well, he wasn't."

    >Correct, he wasn't... It was his liver!

    Ooopsie. Liquid lunch + excessive smugness will do that.

    @Alien8n

    "@ the iPhone haters"

    There doesn't appear to be a lot of the dreaded (and mostly fantasized) iPhone haters here, sorry. One or two smug jokers maybe, but haters? Persecution complex, much?

    "since an sms shows where it's come from it should be relatively simple to trace any would be hackers."

    Yeah well, grammar put aside why don't you go tell that to the guy I saw this morning buying one of these widely-available pre-paid thinggies, cash? Similarly, TCP-IP-based attacks (of banks, military systems, SCADA-monitored infrastructures, ...) are no threat as a TCP-IP connection shows the attacker's IP address. Hey, real-life crime is not a big issue either, after all the thugs leave their biz card on the scene, don't they?

    Granted, this vuln is probably not a threat to whatever they call "homeland security" (as anyone keeping crucial info on an easily-robbed or easily-lost device is a fool. What if you go meet a Chinese <cough> damsel <cough> in a comfy hotel room during the Olympics?) but your argument doesn't hold anything remotely watery. This is a serious threat for the average user, and it doesn't look like it's particularly easy to thwart, either. Not if you want to retain the ability to receive SMS at least. Not that I'm the least bothered, I don't have an arm and a leg to spare on a mere gadget, to begin with (I bought a much-needed* EEEPC instead).

    *definition of "needed" may vary**.

    **The handbrake isn't that impressed, for example, but she must be biased: she owns a MacBook.

  23. Andy Watt
    FAIL

    serious, but not exploitable, I'd wager.

    I don't think there's an injectable mechanism here - sounds like the stack processor is rebooting (hence the brief-ish period off network) but the main app processor is still online and up and running.

    Could be wrong though... :) Still, apple, bad show! Read some frickin' ETSI specs you dozy buggers.
