Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Communications Iphone Security Apple

Malicious Websites Can Initiate Skype Calls On iOS 177

Posted by Soulskill
from the buck-passing dept.
An anonymous reader writes "In this article, security researcher Nitesh Dhanjani shows how iOS insecurely launches third-party apps via registered URL handlers. Malicious websites can abuse this to launch arbitrary applications, such as getting the Skype.app to make arbitrary phone calls without asking the user. Dhanjani 'contacted Apple's security team to discuss this behavior, and their stance is that the onus is on the third-party applications (such as Skype in this case) to ask the user for authorization before performing the transaction.' He also discusses what developers of iOS apps can do to design their software securely and what Apple can do to help out."
This discussion has been archived. No new comments can be posted.

Malicious Websites Can Initiate Skype Calls On iOS

Comments Filter:

He: Let's end it all, bequeathin' our brains to science. She: What?!? Science got enough trouble with their OWN brains. -- Walt Kelly

Working...