Monday, May 21, 2012
   
Text Size

Make Home Page     Register for FREE!     Advertise with Us    Add Story    Contact Us

Security Flaw for the iPhone 4

PDFPrintE-mail

Written by alec Wednesday, 04 August 2010 19:09

Security firms are claiming that the new Apple iOS for iPhone, iPad and iPod could be at risk for a security break.

Symantec says that remote attackers could exploit the weak point and take complete control of a device.

Currently, experts say the the problem only exists on paper, but Apple needs to fix the issue before it becomes a real problem.

Apple says that the company was aware of the report and are investigating the issue.

The problem is the way in which Apple's Mobile Safari handles Adobe Acrobat PDF documents.

A hacker could imbed malicious code into a file, and the browser automatically loads PDF files.

A computer security expert with Sophos, Graham Cluley, said that the security hole used the same principle as Jailbreakme, a utility allowing iPhone 4 owners to run non-Apple Approved applications, although it uses the exploit in a non-harmful way.

"It uses the same tricks as you do when jailbreaking," said Mr Cluley.

"We always thought that Apple's Mobile Safari would be the main vulnerability.

"At present, we have yet to see any of these exploits out in the wild, but it is only a matter of time," he warned.

Ironically, the only way of preventing the Mobile Safari from automatically opening PDF files is by jailbreakinf the phone and installing the app, called PDF loading Warner, that then asks for permission to open a PDF file in the future.

"I personally wouldn't want to jailbreak my phone to get the fix," said Mr Cluley.

He suggested that users may want to switch to an alternative broswer, like Opera, although, he stressed that they had not yet checked those apps for security problems.

"Right now, its all eyes on Apple who we hope are going to fix this problem as soon as possible.

"Historically, Apple have been slow to fix problems on their Mobile browser.

"This has been a concern of ours in the past and continues to be," he added.

In an ironic Twitter post, one of the Jailbreakme developers, who uses the name “comex” speculated, "how long until a fix is released?"

Apple has yet to release a patch that would either prevent Jailbreak from working or close the hole in security.

Science Headlines

  • Elusive 'Asian Unicorn' Faces Extinction

    Elusive 'Asian Unicorn' Faces ExtinctionThis month marks the 20th anniversary of a spectacular day for zoologists. Two decades ago, in May 1992, scientists announced the discovery of a new species — the saola — living in the lush mountain forests that straddle the Vietnam-Laos border.


  • Despite Legal Challenge, Tyrannosaur Sells for $1 million

    Despite Legal Challenge, Tyrannosaur Sells for $1 millionNEW YORK — A nearly complete tyrannosaur skeleton has sold for just over $1 million, in spite of a call to halt its auction because the fossils may have been taken illegally from Mongolia.


  • Viewing events, eyewear urged for 'Ring of Fire'

    File-In this Jan.15,2010 file photo showing a combination of three separate photographs, the various stages of an annular solar eclipse seen over Anuradhapura, Sri Lanka. An annular solar eclipse occurs when the moon blots out all but a ring around the sun. This year's solar show can be viewed from eastern Asia to parts of North America. (AP Photo/Eranga Jayawardena,File)Parts of eastern Asia were being treated to a solar spectacle as the moon slid across the sun, creating a "ring of fire." Sky-watchers in the western U.S. awaited their turns as the rare phenomenon was due to move over the Pacific and toward them later Sunday.

© 2009 Homepage, Inc. All Rights Reserved.

Sign In/Out