iPhone SMS vulnerability allows eavesdropping

Wooops! Charlie Miller, OS X security expert, discovered a rather serious flaw in the SMS-part of the iPhone and presented his findings at the SyScan conference in Singapore recently.

The hole in the SMS software allows for a remote person to run software code on the iPhone and monitor the location of iPhone using GPS, turn on the phone’s microphone and eavesdrop on conversations. Or even make the iPhone join a denial of sevice attack or botnet. All by sending an SMS over a mobile operator’s network.

Apple hopes to address the vulnerability within the next few days. I hope so too!

Leave a Comment