AllTechRelated

iPhone and iPod Touch have new Vulnerability

Posted by rmc08 February - 4 - 2010 - Thursday

It was recently found at a Cryptopath website that the iPhone could be exploited using the certificates that Mobile Safari handles. It can be exploited by creating your own certificated disguised as Apple’s, a hacker can gain access to the root-level settings, which can allow an attacker to grab data off the iPhone (such as saved SMS, voicemails, etc). But, what the attacker can’t do is remotely run or install applications. The reason that the iPhone and iPod Touch certificates can be exploited, is because the VeriSign doesn’t actually check the warnings that the signature checks give, it basically ignores them. It’s not being currently used, but it may soon be used in the near future (hopefully it will be implemented in a 3.1.3 iPhone or iPod Touch jailbreak :D ).

Source: http://www.macobserver.com/tmo/article/iphone_vulnerable_to_security_certificate_flaw_attacks/%5C/

Most Commented Posts

Apple, Mobile Phones, Virus/Trojans

Leave a Reply

  • Categories

  • Ads

  • Search


  • ShoutMix chat widget

  • What’s most popular?

    How to Jailbreak your iPod Touch 2nd Generation - Redsn0w for Windows List of Free TV Show and Movie Streaming Websites for the iPhone/iPod Touch Redsn0w Released for OS 3.0! iPhone/iPod Touch Source List for Cydia and Installer HomeHD - iHome Theme for iPhone/iPod Touch OS 3.0 Custom Firmware 5.50GEN-B Released Custom Firmware 5.50GEN-a Released + Build 4 for Slim Users Disable Accelerometer in Safari and Coverflow How to Fix Cydia Crashing on 3.0 Installing CFW Via ChickHEN on PSP 1000, 2000 or 3000 Guide