Safari exploit gives hackers full control over iPhones and possibly PCs and Macs
Oops, researchers just unveiled a pretty serious security vulnerability in the iPhone. More specifically, it's Apple's Safari web browser that exhibits the vulnerability. Researchers at Independent Security Evaluators have used it to take malicious control of the iPhone from rogue websites loaded with the exploit. Once in, researchers have full administrative access over the phone, allowing them to listen in on room audio or snatch the SMS log, address book, call history, email passwords and more -- we're talking full access to your phone. Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust (which isn't very reassuring). They add that the flaw "may or may not be exploitable" from Mac and PC versions of Safari -- the same vulnerability exists there, only they haven't written the proof-of-concept exploit to test it yet. Apple has been notified of the vulnerability and of a proposed fix, with full public disclosure coming at the BlackHat conference on August 2nd. You listening, InfoSec Sellout? That's how you report a bug. Check the exploit in video form after the break. [Via MacRumors]

Reader Comments (Page 1 of 2)
Iain @ Jul 23rd 2007 3:53AM
Amazing.
iPoo for iPhone @ Jul 23rd 2007 4:02AM
"Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust"
Actually the only way to stay safe is to stay away from that iTurd of a cell phone.
Chris @ Jul 23rd 2007 5:32AM
awww, you still with verizon?
Jamar @ Jul 23rd 2007 6:49AM
Probably not. There are only 5 carriers that guy could be on (none of them available in America in their original forms) that would qualify him to call the iPhone an iTurd: SK Telecom, KTF, DoCoMo, Softbank, and au (KDDI).
Mrmean @ Jul 23rd 2007 8:00AM
aww, still butt hurt over the iPhone?
Jamar @ Jul 23rd 2007 4:57PM
You just try searching "KDDI" over on Engadget Mobile and tell me with a straight face that you think I want the iPhone over any of those phones.
evo @ Jul 23rd 2007 4:06AM
So if this is true, clearly the iPhone has been completely hacked. Now someone just needs to turn that exploit into a way to do some useful customization of the iPhone.
Gil @ Jul 23rd 2007 4:19AM
Uhm... who said anything about windows?
Inferiority complex?
Edd Mills @ Jul 23rd 2007 4:22AM
Ha! I can't believe you actually posted this. I knew you fanboys would jump to Apple's defence. It may only be one exploit, but it's still important especially considering it can affect the iPhone. And as Gil said, no one even mentioned Windows, so keep your shirt on.
revs @ Jul 23rd 2007 4:35AM
Oh don't even start the Windows/Mac exploit crap. It's a computer, all computers are susceptible to virii.
Jesse S @ Jul 23rd 2007 4:39AM
Especially computers that run OS's that believe in security through obscurity.
Miles @ Jul 23rd 2007 4:47AM
Name one virus that was widespread on the mac since 1984.
Oh wait you can.
Shut up now.
Miles @ Jul 23rd 2007 4:47AM
can't*
saaaa @ Jul 23rd 2007 5:19AM
maybe because so few people use macs, Miles?
I don't mean to bash, it's just a fact.
Sean @ Jul 23rd 2007 5:23AM
miles: google for "Init 29 virus"
Ignorant fanboy.
Cameron Campbell @ Jul 23rd 2007 10:07AM
Miles? autostart. That was 1998, which is manifestly after 1984. Just so we're clear, I'm all mac all the time, but I'm realistic. Part of the lack of viruses is because of market share, part of it is because the OS itself (Jesse S, can you please show us all where security through obscurity is an official Apple policy??) and part of it is because the windows world seems to remain a target rich environment.
DoucheCrew @ Jul 23rd 2007 10:12AM
@ miles
"Name one virus that was widespread on the mac since 1984."
May, 1998 - AutoStart worm, aka AutoStart9805
@saaaa
15 million is "few" to you?
Wish I had a penny for every mac user...
No, a big reason there were so many more Windows viruses is poor engineering. Deal with it, Microsoft's first concern is profit, always. They'll fix the bugs after they become a problem, rather than write decent code in the first place.
saaaa @ Jul 23rd 2007 11:24AM
Yes DoucheCrew, few. As someone already stated, that's not much when comparing with the number of people who use PCs. I believe that is mostly due to their pricing... I know I'd buy one (but I'd be using OSX as secondary), but I'm not going to spend that much money on looks. Especially when there are plenty of cheaper options and just as good.
paloooz @ Jul 23rd 2007 11:47AM
Wow Miles, you're really making a name for yourself today.
Jesse S @ Jul 23rd 2007 4:37AM
WOW! WHAT A GREAT DEVICE! Let's see, no support for this, no support for that, shitty sound quality, exploits, etc.
BUT OMFG IT HAS A GRATE UI AN DESIGN!!!!1!!!!!1111!!!11
I'll happily wait for my i760 or vx6800 on the superior CDMA networks.
Ryan @ Jul 23rd 2007 6:10AM
You fail.
Gary Meyers @ Jul 23rd 2007 8:31AM
OMFG, I just checked the specs on both phones you mentioned. Although I tried to stay away from the iPhone till version 2, I was able to play with some co-workers' iPhones. Now after having one for over 2 weeks, it's obvious you haven't even seen one in RL. Or you just aren't that interested in high quality movies (640 x 280 on a 3.5" screen), music, (real) web browsing, multiple email accounts, satellite/google maps (with built in auto locators for instant web connection or instant phone calling), 2 megapixel camera, full address book (including photos), with one button push to both email or phone, one button iChat-like SMS, calendar, weather reports, stock reports, YouTube and I can go on and on. And I have yet to get one complaint about the sound quality. Okay, edge technology isn't the greatest ATM but 99% of the time I find a WiFi hotspot and with over 1 million new subscribers, I'm sure AT&T now has some new cash flow to work this out. So good luck with your tiny screen and limitations Verizon puts on your options. I love my new iPhone. Cheers!
dude @ Jul 23rd 2007 11:41AM
"Superior CDMA networks" eh? You sir are an idiot. CDMA is backwards bullshit. GSM is truly the way to go, for the international traveller. Verizon only recently introduced a World Blackberry oh yeah, and what technology does it switch to when overseas? GSM! Qualcomm may come up with cool stuff but right now it needs to wrench its head out of its ass and drop this CDMA crap.
Miles @ Jul 23rd 2007 4:13PM
@Gary
Sorry, but PDAs have better web browsing than the iPhone
iPhone doesn't have real browsing, even me, a fanboy, knows that.
Call me when I get flash and javascript (Like on my PSP)
Mr. @ Jul 23rd 2007 4:57AM
I would be concerned if Apple was known to let such exploits go unfixed. With that in mind, I don't see this as too big of a deal as long as Apple resolves it with a software update. Not like they released the code of the exploit on the internet for any and everyone to use at their own will...
Paul @ Jul 23rd 2007 5:07AM
"Name one virus that was widespread on the mac since 1984."
I think macs would have to be widespread before you could consider a mac virus widespread
Blackster @ Jul 23rd 2007 5:49AM
Elk Cloner was the first virus recorded and guess for what system? Apple II ;)
Leonard Nimrod @ Jul 23rd 2007 5:56AM
Widespread among the Mac community is what he meant.
There have been plenty of viruses affecting the Mac platform prior to OS X. These were much more rampant after the internet became common, but they still existed in the 1980s.
The "security through obscurity" argument holds no water as OS X has a much greater marketshare now than it ever had with System 7 (which had plenty of viruses) and OS X does not have 5% of the viruses. It is just FUD propaganda perpetuated by MS apologists.
Furthermore, if marketshare is the key, then MS' ISS should be airtight as it's not the most popular web server, but it's not.
DIMEBAG @ Jul 23rd 2007 10:14AM
Why wouldn't somebody be compelled to write exploits for the Mac OS? Even though Apple has such a small market share, it's still millions of users, whose money and personal info is just as valuable as any Windows/Linux user's. Actually Mac user info is probably more valuable since research has shown that people who use Apple products have more disposable income. The whole security via obscurity theory is bullshit… Criminals really don't give a shit about what OS a potential victim is using, unless it is less secure. Which there are less secure OS's out there… Just out of curiosity, how many exploits are there for Windows mobile? No need to flame or bash me, I'm attempting to use logic and reason to make sense of some of the comments above
Romey Rome @ Jul 23rd 2007 12:28PM
@ Dimebag
"Actually Mac user info is probably more valuable since research has shown that people who use Apple products have more disposable income."
I'm pretty sure that the mean income of the victims is irrelevant as most viruses/trojans are merely used to replicate and cause as much widespread damage to as many users as possible.
John @ Jul 23rd 2007 10:17PM
No, the 'small marketshare' argument is something that's both true and relevant. Macs have 5% marketshare. Windows has something like 90%. Unless your average mac user is 18 times wealthier than your average windows user, then you're better off targeting windows users. To quote Terry Pratchett, there are a lot more poor people than rich people, and it's easier to get money out of 'em.
docrock @ Jul 23rd 2007 6:28AM
The main points here are it is just a video, edited at that. Not one that shows the two sides of the exploit side by side so it could be made up. Most likely not but could be.
Secondly, the iPhone is software update friendly so this and any exploits can be fixed very easily and will be soon.
Third, if it has a computer it can be exploited! Coke Machines, Slot Machines, Cars, Phones and whatever else. So what the number of people who know how to actually do anything with the information exploited is far less than the apparent fear is portraying.
Look the phone is getting a lot of attention from both haters and lovers and all in-betweeners. If you really hate the device and Apple so much the best way to make an impact on the anti-iPhone mission is to stop reading these articles, filter iPhone from your mind, ignore it, and stop commenting on it. You antagonists are doing more for the craze, hype or whatever you want to call it than the millions of us who already bought an iPhone.
I got my phone and yes I love it,
No, I'm not a fanboy,
No, it ain't perfect by any means,
Yes, it does what it is supposed to do for the market it was intended for, neophytes and gadgetaphiles
Yes, it was expensive,
Yes, it will be updated
Yes, it will be hacked, and updated again and the cycle will continue
Really if you don't like it then just stop hating it and the hype will go away.
derek @ Jul 23rd 2007 12:01PM
smartest comment yet. cheers!
@ngel @ Jul 23rd 2007 6:50AM
I had the news on my blog one day before MacRumors :)
But my blog is in Greek, so you couldn't have read it there... :(
Mojo_Yugen @ Jul 23rd 2007 8:56AM
If you have an exploit that allows you to take complete control over the device isn't one all you need?
TheBigB @ Jul 23rd 2007 9:03AM
Can Miles please be ip banned from each thread where there's a mention of OS's?
Chris @ Jul 23rd 2007 9:20AM
The fact that the iPhone has a vulnerability isn't surprising, most systems do.
What is sad, is that a company who portrays themselves as:
"Maintaining confidentiality and privacy is of the utmost importance to ISE. The security evaluation of systems and products is a highly sensitive matter, and ISE recognizes that maintaining confidentiality results is critical."
- http://www.securityevaluators.com/profile.html
would publicly disclose this information without working with Apple to first develop a patch.
ISE, if you're reading this, security researchers who follow this kind of business model don't last long in the business.
In full disclosure, I don't own a single Apple product...all my vulnerabilities can be found on other platforms.
dave @ Jul 23rd 2007 11:58AM
I don't think you want to be lecturing ISE on how to do responsible security research. ISE is composed of some of the most respected security researchers in the industry (among them, Avi Rubin). They've been around the industry for a long time. I think they have a pretty good understanding about what responsible disclosure means. You'll note that, in fact, they've already contacted Apple about this issue, and they're not releasing an exploit at this point.
Chris @ Jul 23rd 2007 1:23PM
@Dave. I'm not saying they aren't good researchers, but this was definitely not a responsible disclosure. Responsible disclosure would have been to:
1. Contact the company (possibly propose a fix, as was done in this case).
2. Give the company a reasonable amount of time to respond and acknowledge the vulnerability.
3. Coordinate a public disclosure with a patch availability.
4. Provide a link to the patch from within the vulnerability.
5. Disclose.
Number one and five alone do not constitute a responsible disclosure. These aren't the only smart guys on the planet. There are plenty of people who just need to be pointed in the correct direction to find an exploit.
Under no circumstances should either party be releasing exploit code, before, during or after a coordinated disclosure. It's just not classy to do so.
dave @ Jul 23rd 2007 4:35PM
Given the popularity of the iPhone and the activity currently devoted to prying it open, it is quite likely that issues such as this one are already known among the black-hat community. As such, and in particular given the potential consequences of exploitation, it is reasonable to disclose the issue now, and allow users of the device to modify their behavior to mitigate risk. ISE is doing the community a favor here. Ignorance, in this case, is anything but bliss. How much worse would the situation be, for users and for ISE, if an exploit were delivered into the wild by some bad actor, and it were to subsequently become known that ISE was sitting on knowledge of the vulnerability?
The bad guys never need to be "pointed in the correct direction." They're already headed that way, and the only hope for security is to get there before them.
Chicksta @ Jul 23rd 2007 9:57AM
I heard this driving to work, but they said it'd already been fixed via a push to all of the iPhones. So it's not even an issue anymore.
Your friend @ Jul 23rd 2007 11:13AM
Miles get out of your own butt and realize that it's funny your precious Apple isn't God and that Microsoft is still better than you.
paloooz @ Jul 23rd 2007 11:45AM
I think what he's trying to say is ... When a vulnerability turns up for Macs, it's all over the internet. Ridiculed, laughed at, "told you so," et cetera. Yet, hundreds of Windows exploits come out monthly and we rarely hear about them. But when he said it, he added about 50 ignorance points and 200 fanboy points.
Rick @ Jul 23rd 2007 11:46AM
apple: crash different...
Loonie @ Jul 23rd 2007 11:49AM
Jeez, easy with the handbags there, ladies.
As for this issue, perhaps it's time the mac users went iFox.
XSportSeeker @ Jul 23rd 2007 12:29PM
Predictable.
Macs, iPhones and general Apple stuff are getting more attention, thus more people will be willing to create exploits and stuff.
People argue a lot over this.
For me, clearly Apple products have a better design. But the main reason why there's not many exploits and virii is because there's far less people interested in spending time trying to develop those to Apple products.
That's the way things work.
This is not the first, and won't be the last problem on Safari, especially now that there's a PC version, thus far more "hackers" willing to mess with it.
Iced_Eagle @ Jul 23rd 2007 1:01PM
So what happened to everyone saying Apple products were secure? ;)
Looks like the hacker community is really starting to get their feet wet and this is probably only the beginning.
rip @ Jul 23rd 2007 5:08PM
No one with half a brain would say Apple products are totally secure.
But the fact is, they are inherently more secure than the majority of Microsoft products.
And practically speaking, by comparing the number of exploits, they are vastly more secure than Microsoft products. There are various reasons, and not all because of Apple engineering, but the reality is, as of now, Apple products are Fort Knox compared to Microsoft products.
However, feel free to woot woot, dance a little jig, whatever, Microsoft fanboys. This appears to be a real and serious exploit, assuming someone hits an unsafe site. However, it will undoubtedly be patched, along with the embedded autodialing from the browser... something else that needs to be patched.
beans @ Jul 23rd 2007 9:36PM
No, comparing the number of exploits says nothing. Microsoft has many, many more products than Apple has. Microsoft has been on the front line and run on 90% of all computers for years. They are the Fort Knox of operating systems. How many security updates has macos had this year? Many times more than Windows. By June 1st they had already patched over 100 flaws. Who knows what the number is at now but I'm guessing they patched another 30 this month. Keep dreaming, buddy!
JD @ Jul 23rd 2007 1:10PM
Safari on PC is not made for public consumption, IMHO. They released it so that developers could test third party apps in Windows using Safari, nothing more. That's what I think, but I hope that a patch for this comes around quickly. That's why they conveniently released in a similar time frame that the iPhone was. This is, however, one area where MS does have more experience: fixing bugs. Microsoft is big enough that they have a fix pretty quickly (usually!), but Apple is pretty new to the security problem game, as far as I can tell. Not saying MS is better, just commenting on things. So please don't flame me, lol.