A security flaw in the iPhone 3.0 operation system has been found that could allow hackers to access the phone through Wi-Fi hotspots.
Max Moser, co-founder of the remote-exploit.org security group, has written in a blog post about a feature that is designed to make the iPhone friendlier to use, but actually makes it less secure.
The third version of the software is designed to automatically open the Safari browser when attempting to join a Wi-Fi network. The phone issues a request for Apple’s website, and if the query receives a result, it assumes the network is working. If no response is detected, the phone assumes a network is not available.
But if the phone receives a response from a website other than Apple’s, it opens to the Safari browser as it assumes the user is attempting to enter a network that requires information to be given, such as user identification.
Security research Lothar Gramelspacher explained on the site that using appropriate software and network hardware, a hacker could set up his or her own Wi-Fi hotspot and then access account information from an iPhone user.
ABOUT THE AUTHOR
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.