CSE Wings of FIRE
unread,Nov 5, 2010, 3:52:50 AM11/5/10Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Ultimate wing of science
BOSTON: A newly discovered vulnerability in the software that runs
Apple Inc’s iPad and iPhone could allow hackers to enslave the popular
mobile devices, three security firms said.
The flaw affects Apple’s iOS, which also runs the iPod touch, and
could allow hackers to take complete control of a vulnerable device,
according to Symantec Corp as well as privately held Lookout and
Vupen.
Apple spokeswoman Natalie Harrison said the company was aware of the
report and is investigating.
The vulnerability in Apple’s iOS is the latest in a series of security
bugs identified in mobile devices over the past week.
Security experts at a hacking conference last week pointed out several
vulnerabilities in Google Inc’s operating system for mobile phones and
tablet PCs.
Mobile devices have become increasingly vulnerable to attack because
the software that runs them has gotten far more complex over the past
few year, giving the devices many of the same capabilities as personal
computers.
“We shouldn’t be surprised to see security bugs happen in very complex
software,” said Kevin Mahaffey, chief technology officer for mobile
security firm Lookout.
Attackers would need to trick a user into visiting a website planted
with a tainted PDF document before infecting an iPad tablet or iPhone
smartphone.
Mahaffey said that he is not aware of any incidents in which criminals
have exploited the bug to gain control of an Apple device, but said
the electronics maker has yet to offer a remedy to protect against
such attacks.
“Everybody — both good and bad — knows how it works,” he said.