SMS Hack Could Make iPhones Vulnerable
mhx writes "A single character sent by text message could allegedly compromise every iPhone released to date. The technique involves sending only one unusual text character or else a series of 'invisible' messages that confuse the phone and open the door to attack. Apple has not released any updates yet, so little can be done, except to power off your iPhone to avoid being hacked."
Binary Encoded Messages (Score:5, Interesting)
Re:Binary Encoded Messages (Score:5, Insightful)
This was detailed a few days ago -- more details on http://www.computerworld.com/s/article/9136008/Some_SMS_networks_vulnerable_to_attack [computerworld.com]
How many times it needs to be said.. *never* trust the client.
Re:Binary Encoded Messages (Score:4, Informative)
Re:Binary Encoded Messages (Score:5, Informative)
Re: (Score:2)
Re:Binary Encoded Messages (Score:5, Insightful)
In other words, Android, the open platform, patched before iPhone, the closed platform.
Yet I still occasionally run into people trying to claim that the iPhone being closed is somehow good, as it's more secure.
Re: (Score:3, Insightful)
Those are other claims. If you want to talk about them, we can, but it's getting a bit offtopic.
It seamlessly syncs with my calendar, address book, etc.
Is that not true on Android?
Browsing the web works quickly and pages render pretty well.
Are you really going to tell me that's unique? Both Android and iPhone use Webkit-based browsers.
Even in the event that my iPhone gets hacked by a vulnerability apple fails to fix, I won't regret my decision.
That sounds very much like a fanboi or astroturf position. You won't regret it? Not even for a moment?
Tell me... just how much would Apple have to screw up for you to regret it?
There's no worthwhile information on it to steal, and it gets backed up every time I plug it in (every day).
That tells me you're either naive or a naive asshole.
Suppose someone cracks your phone and uses it to send thousan
Re: (Score:2)
What about the Pre?
Nothing about that in the article.
Re:Binary Encoded Messages (Score:4, Funny)
Nope, the 3 Pre users are completely safe. They only text amongst themselves.
Re: (Score:3, Interesting)
Correct me if I'm wrong, but since the SMS messages have to go through the carrier towers, can't this character be "cleaned" from the message there before it even hits the phone?
What if I want to use that character legitimately?
Re: (Score:3, Insightful)
If there is a vulnerability with said character, then just using it would not be legitimate until the problem was fixed on the phone firmware.
I haven't seen anything saying what the character is (and more saying that the character being displayed is just a side effect of the crack, not actually the vulnerability). But, that aside, if a legitimate character affects a vulnerability on a *single device*, the service provider has no business breaking legitimate uses of that character by the majority of people (i.e. those that don't own an iphone).
As much as you may like to believe that there is no legitimate use for non-ASCII characters, you are wro
Re: (Score:3, Funny)
I already get pissed off that there is no way to enter a "Å" character into my P900
Seems Slashdot is also broken at handling unicode characters - that is supposed to be a "Y" with a "^" accent.
Re: (Score:2)
"SMS Hack Could Makes iPhones Vulnerable" (Score:5, Funny)
Re: (Score:2)
RTFA. It's from one of the newer Slashdot editors, T0k1WAR2th.
Re: (Score:2)
Good one.
App Store (Score:5, Funny)
Want to pwn every apple smartphone in the world?
There's an app for that.
Re:App Store (Score:4, Insightful)
Re:App Store (Score:5, Insightful)
So, never.
fixed that for you :D
Re:Beer summit (Score:4, Funny)
BEEP BEEP
I AM AC
I AM A ROBOT
I HAVE A ROBOT VAGINA
BOOP
Filter error: Don't use so many caps. It's like YELLING. I AM NOT YELLING I AM A ROBOT THIS IS HOW ROBOTS TALK BOOP
Text character? (Score:5, Funny)
The technique involves sending only one unusual text character
Let me guess: "Q". Damned "Q".
Re: (Score:3, Funny)
I guess he got bored of annoying only a handful of starship captains.
Re:Text character? (Score:4, Funny)
Thanks a lot ass^7'89-NO CARRIER
Re:Text character? (Score:4, Interesting)
Re: (Score:2)
Re: (Score:2, Insightful)
How do we keep making the same design mistakes?
Re:Text character? (Score:4, Funny)
Because it's easier for me to test, dammit.
I make all these fucking routers and cable modems and shit by hand. Maybe if one of you fuckers would help me we wouldn't have this problem.
Read about this yesterday (Score:5, Informative)
FYI: It's not that one character can break your iPhone, it's about 512 text messages sent at your phone, causing certain buffer overflows. The proof of concept ended up where the slew of messages (apparently arrived at originally by fuzzing) winds up only showing one visible character (appears as a box).
The author said that it could probably be refined so that it wouldn't send anything that would show up.
500 or so un-seen text messages, and you're iPwned.
Gotta love the Black Hat Briefings.
Re:Read about this yesterday (Score:4, Funny)
500?! Egads, that's gonna cost a _fortune_ at today's txting rates!
Re: (Score:3, Funny)
unless you have an unlimited plan.
Re: (Score:3, Insightful)
Re: (Score:2)
Say I don't have an unlimited plan (which nearly everyone does, but..)
SMS costs £0.04 on average. Let's say you're on a really expensive pay as you talk plan and it costs 3 times that.. so £0.12.
£60
Hardly a 'fortune' if you're planning to take out a phone anyway.. and unlimited plans on pay as you talk cost far less than that anyway so you'd never pay that even in the worst case.
Re: (Score:2)
...and the carrier doesn't have a facility in place for limiting the number of text messages sent to a particular device in a given time frame? say max of 1 in any 2 second interval??? ...and they can't simply block SMS messages that contain non-standard characters in certain known formats that could be exploits??? i know they can filter by sender, receiver, zip code, and pretty much any other relational expression i could come up with. Prior to getting my iPhone, i auto-blocked everything text related
Re: (Score:2, Insightful)
There is a confusion of functions here. The purpose of a carrier is to carry messages, not to refuse them. Much better for the carrier to do its job and let the client decide whether or not it wants to accept the message.
Re: (Score:2)
Yeah, and with the service I get, they'll send them to me and I'll only get half of them, then I'll get 2 more a week every week, all out of order.
Is this why they were distracting us yesterday? (Score:5, Interesting)
As I recall Apple (DRM) was stating that jailbreaking cellphones was something to be done by terrorists who want to destroy cellphone infrastructure.
Interesting that a SMS message can destroy apples;)
Re:Is this why they were distracting us yesterday? (Score:5, Insightful)
Actually, that's exactly what I was thinking.
Once you've taken over someone's iPhone in this manner, it seems to me you've got more power to use the thing than the original owner had (unless they had Jailbroken their phone already).
Interestingly enough, this vulnerability is in the factory-spec iPhone - it doesn't require it to have been jailbroken.
So, yeah, Apple claims they're jailing your phone to protect you from bad guys and to protect the infrastructure from you, but this goes to prove that the only thing they're protecting are their (and AT&T's) pockets.
All this from a company where the CEO's liver is replaceable, but the battery in your phone or laptop is not.
~ducking~
Re:Is this why they were distracting us yesterday? (Score:5, Funny)
The battery in the iPhone and laptop are replaceable, just not by the owner. This was also the case for Steve's liver. JOKE FAIL.
<\memekiller>
Re: (Score:2, Funny)
A sufficiently experienced user can replace his liver; I'll bet Steve Wozniak could do it.
Re: (Score:2, Insightful)
A sufficiently experienced user can replace his liver; I'll bet Steve Wozniak could do it.
Yeah, but it would void his warranty
Re: (Score:2)
Re: (Score:2)
Aside of the stupid joke about a man's health. I agree with everything.
Lots can be done... (Score:4, Interesting)
So little can be done, except power off your iPhone to avoid being hacked
Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.
Re:Lots can be done... (Score:5, Insightful)
Little can be done... except block such messages entirely at the provider level. When the attack vector is clearly defined, it's easy to scan for it.
Or, maybe the iphone SHOULDN'T EXECUTE UNTRUSTED UNSIGNED UNAUTHENTICATED CODE THAT ARRIVES BY SMS.
Or maybe google will use this flaw to deploy google voice onto iphones now that apple banned them.
Isn't it sad that EVERYONE ELSE has more control over the iphone than fanboi who bought it.
Re: (Score:2)
Except that since the carrier gets $0.15 per msg here in the good old US, they have no incentive to block these messages. In fact, many of them have insisted that they have no ability at all to identify and block individual messages.
Re: (Score:2)
In fact, many of them have insisted that they have no ability at all to identify and block individual messages.
They may be telling the truth that they don't have that kind of capabilities. However, that's just an obvious implementation oversight. For something as much an embedded system as a cell phone (lacking firewalling capabilities on its own) and tied so closely to the cellular networks, they should have designed something akin to snort rules for anything in packet based communications so they could filter attacks at the network level. It's not rocket science. It's just how you protect networked systems tha
Re:Lots can be done... (Score:4, Interesting)
Re: (Score:3, Informative)
That makes absolutely no damned sense. At some point it has to hit the carrier's network, otherwise the phone can't receive it in the first place.
Re:Lots can be done... (Score:4, Informative)
Re:Lots can be done... (Score:4, Insightful)
Right-click, wha? (Score:5, Funny)
Re:Right-click, wha? (Score:5, Funny)
In other news... (Score:5, Funny)
Re:In other news... (Score:5, Funny)
i see what you did there. Awesome. :)
Mod funny please.
Re:In other news... (Score:5, Funny)
Mods: I think he was referring to the parent above him for the "mod funny" comment.
Re: (Score:2, Funny)
Mod parent funny!
Re:In other news... (Score:5, Funny)
Mods are on crack today!
Mod parent funny!
Re: (Score:2, Funny)
Re:In other news... (Score:5, Funny)
Re: (Score:3, Insightful)
The parent wasn't trying to be funny, please mod Insightful.
That's okay. (Score:5, Funny)
Re: (Score:2, Insightful)
Does someone need a hug?
The series of invisible characters (Score:5, Funny)
It is here:
Re: (Score:2, Funny)
Well... (Score:2, Insightful)
Re: (Score:3, Funny)
Won't someone think of the cell phone towers? (Score:5, Insightful)
If this hack lets unapproved apps run, then what's going to keep the cell towers from being shut down on a massive scale? Doesn't this make Apple guilty of harming national security?
Re: (Score:2)
Doesn't this make AT&T guilty for allowing texts in the system that could not be possibly sent by human beings? SMS is by policy not to be used by automated systems without AT&T's express authority. Why is this Apple's fault (Or google's, since it also affects Android, and I'm sure shortly will be ANOTHER hack affecting symbian via SMS).
Why worry? (Score:5, Funny)
Re: (Score:2, Funny)
I, for on am not concrnd. It's simply a mattr of not snding that charactr. Crtainly, a company lik Appl can hav it xcludd from th alphabt. And thn w can just gt on with our livs, njoying our iPhons.
What happns whn th hackrs dcid to switch to a diffrnt charactr? How will Appl rspond thn?
I, fr n am nt cncrnd. It's simply a mattr f nt snding that charactr. Crtainly, a cmpany lik Appl can hav it xcludd frm th alphabt. And thn w can just gt n with ur livs, njying ur iPhns.
What happns whn th hackrs dcid t switch t a diffrnt charactr? Hw will Appl rspnd thn?
h.
Re: (Score:2)
What happns whn th hackrs dcid to switch to a diffrnt charactr? How will Appl rspond thn?
'' guss Appl wll rally b fuckd f ts th '' n ''Phon.
Re: (Score:3, Funny)
What happns whn th hackrs dcid to switch to a diffrnt charactr? How will Appl rspond thn?
ppl will kp rmving chrctrs frm th lphbt. Thy r ppl. Thy cn d whtvr thy wnt.
Re: (Score:2)
Your sig mad my iPhon cordump. Stv Jobs nds to snd you in for rducation in th ways of Appl.
Re: (Score:2)
makng
The Secret string is: (Score:5, Funny)
+++ATH0
Here's what to do (Score:5, Funny)
Re: (Score:2)
I get the reference, and I can't praise that book highly enough.
Re: (Score:2)
Damn. I'm gonna go re-read that. Thanks for reminding me!!!
Proverbial wisdom strikes again (Score:2)
So, one rotten character is spoiling the bunch, then?
As Per (Score:2, Insightful)
So, is the iPhone the only phone that matters, or is it just too hard for submitter NOT to use Apple and the iPhone to get attention?
Re: (Score:2)
Threat to cell phone towers (Score:2)
what the godd*mn hell (Score:2)
Whether you are a carrier of cellular service, or a provider of phones, seeing as you want to totally take control away from your clients, then you best make sure YOU'RE up to date with security, else face a multi-faceted lawsuit.
Being that TELUS closes off access to such things as phone configuration where you could just disable your SMS service if you wanted to, then the onus falls on them to incorporate better security.
As well having an iPhone means you are bound to the terms laid down by Apple, which me
Perhaps the more ridiculous thing (Score:3, Insightful)
Is you can't turn off SMS on the iPhone. At least I haven't found out how. I don't particularly like SMS, it costs me money to receive texts, and I have a flippin iPhone, why would I need it when I can email, IM, tweet, etc? Yet here we have an SMS back door and the only solution is to shut down the entire phone because there's no way to disable SMS by itself.
Re: (Score:3, Insightful)
But please let me turn this off!
Re: (Score:3, Informative)
You can turn off SMS: contact AT&T and tell them to disable SMS for your phone number. This is exactly what I've done and I highly recommend it. I save $5/month in texting charges, and I can still send and receive texts for free. Here's how:
1. Sign up for Google Voice.
2. Tell people your new Google Voice "texting" number (and use it for voice if you want).
3. Buy Prowl at the App Store for $2.99
4. Push your Google Voice SMS messages to your iPhone via Prowl. You can do it with Fluid and a script [morouxshi.com] on a Mac
Re: (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
No.
The T(ranny) Mobile sued them away for stealing their name.
Same reason there's no Oscar Meyer Wiener Mobile in SF.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I'm pretty sure he means Canada, and he is just upset that Rogers new 20Mbps 3G network isn't supported by his iPhone.
Re:Weird article. (Score:4, Insightful)
This is remote code execution and extremely serious. The headline is understated for the possible severity of the impact. In other words: if Microsoft had the dominant smartphone on the market with the image the iPhone has, you know this crowd would be screaming bloody murder and piecing together fallacy-ridden freshman-level rants on monopolies.
Re: (Score:2)
Symbian's marketshare is much lower in the United States. Also, Symbian's almost-50% marketshare is in the smartphone market, not in the overall cellphone market.
Re: (Score:2)
It's much higher in the cellphone market. Can't remember when I last saw a non-smartphone that wasn't some brand of Nokia.
Re: (Score:2)
Not all Nokia phones run Symbian. Nokia's worldwide marketshare last quarter was 38%, down from 40% a year ago. Meanwhile, Samsung and LG are growing in marketshare.
And Nokia isn't very successful in the USA.
Re: (Score:2)
Non-smartphone Nokias don't run Symbian (also, you haven't seen any Ericsson or Motorola or Samsung or LG non-smartphones recently? Really?).
Re: (Score:2)
Why should Apple fix it?
Can't AT&T realize it should not be possible to deliver 500 texts to a device in such a short period, and stagger them say at not more than 1 text per 2-3 seconds? Can't they also filter "malformed" text messages that pass in their own system? TFA also states this affects Android too, not just iPhone, and it's in their own interest, considering this could cause a text storm and cause network bottlenecks and disruption to the whole system, to prevent such types of attacks from
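The per-recipient pacing proposed in this thread ("max of 1 in any 2 second interval", and again "not more than 1 text per 2-3 seconds"), sketched as an added example that is not any poster's or carrier's code. The `RecipientThrottle` class, the alert window and threshold, and the sample number are assumptions made for illustration.

```python
from collections import defaultdict, deque

MIN_GAP_S = 2.0        # "max of 1 in any 2 second interval", from the thread
BURST_WINDOW_S = 600   # assumed alert window (not from the thread)
BURST_THRESHOLD = 100  # assumed alert threshold (not from the thread)


class RecipientThrottle:
    """Per-recipient SMS pacing plus burst alerting (hypothetical carrier-side hook)."""

    def __init__(self):
        self.next_slot = defaultdict(float)  # recipient -> earliest next delivery time
        self.recent = defaultdict(deque)     # recipient -> arrival times inside window
        self.alerted = set()                 # recipients already flagged

    def submit(self, recipient, arrival_ts):
        """Return (delivery_ts, alert) for one inbound message."""
        # Pace: deliver no sooner than MIN_GAP_S after the previous delivery.
        delivery_ts = max(arrival_ts, self.next_slot[recipient])
        self.next_slot[recipient] = delivery_ts + MIN_GAP_S
        # Alert: count arrivals (not deliveries) inside the sliding window.
        window = self.recent[recipient]
        window.append(arrival_ts)
        while window and window[0] <= arrival_ts - BURST_WINDOW_S:
            window.popleft()
        alert = len(window) >= BURST_THRESHOLD and recipient not in self.alerted
        if alert:
            self.alerted.add(recipient)
        return delivery_ts, alert


def simulate_burst(count=512, send_interval_s=0.1, recipient="+15550100"):
    """Constructed traffic: `count` messages to one number at a fixed interval."""
    throttle = RecipientThrottle()
    last_delivery, alert_at = 0.0, None
    for i in range(count):
        delivery, alert = throttle.submit(recipient, i * send_interval_s)
        last_delivery = delivery
        if alert:
            alert_at = i + 1  # 1-based index of the message that tripped the alert
    return last_delivery, alert_at


if __name__ == "__main__":
    done, alert_at = simulate_burst()
    print(f"last message delivered at t={done:.0f}s, alert on message #{alert_at}")
```

With the constructed 512-message burst, pacing stretches delivery to about 17 minutes but every message still arrives; the alert on message 100 is what gives an operator something to act on before the handset is patched.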
Re: (Score:2)