A star programmers must not seem to justify the vulnerability can be. For the attack on the Apple phone are just basic programming of Internet sites necessary, they say. Three lines of program code should suffice. Affected were all previously sell the iPhone. That confirmed the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt, whose staff discovered the vulnerability have on Thursday.
Like the works in practice, demonstrated Dirk Kuchel, editor at the computer screen, "in a video. On his computer, he writes an e-mail to his iPhone. Their contents: a few petty rows and a link to a malicious website. When he was the link clicked on its iPhone, he immediately loses control of the device. Self-elect the cell phone one on the website deposited number. The screen is white, the iPhone responds to no more input. Only when a call is made, the screen again released.
In the experiment, the editor only his own cell phone to call in case of emergency but as a call could be expensive. Kuchel: "Of course, criminals could also an added number and then the times per call cost 30 euros."
The method itself is almost as old as the Internet itself years ago when you still using dial-up modem line went, Dialers made known programs fat booty. They are as viruses nesting on a host PC. With each attempt by the user, is to connect to the internet, guided them to dial commands on a fee-number order, were the only connection. That something fishy was noted most of the victims until the next phone bill - the worst in four cases, the amounts could TISSUE.
According to SIT is a similar vulnerability in the iPhone a year ago have been discovered. Apple has released an update was released to Abzock further attempts to stop advance. Similarly, it should happen again this time. Already a month ago, the Institute has Apple on this issue without the public aware of this.
Apple is now planning on Friday an additional update to publish, even with the renewed vulnerability is stopped. The improved software will probably as usual on Apple's iTunes software will be available. iPhone users are therefore advised her cell phone on Friday at least once with your computer to connect to the update aufzuspielen. Until then you should hold it back, links in e-mails of unknown origin concern.
But this tip applies anyway, regardless of current threats.
Addendum: The update to the iPhone software version 2.2 is since Friday morning for download via iTunes ready. Besides some detail improvements, the new software patches for all known security vulnerabilities.
No comments:
Post a Comment