iPhone Security Flaws Exposed

A team of computer security consultants, according to The New York Times, has found a significant security flaw in one of the hottest items this summer: Apple's iPhone.

According to consultants working for Baltimore-based Independent Security Evaluators, a computer security firm, the iPhone was susceptible to being hacked when the phone's user connected to the Internet over a WiFi connection or surfing onto a bogus site where malicious code was installed. Once inside the phone, the invader has access to whatever personal information is stored in the phone.

A demonstration showed what a hacker can do when he commandeers an iPhone:

The phone promptly followed instructions to transmit a set of files to the attacking computer that included recent text messages - including one that had been sent to the reporter’s cellphone moments before - as well as telephone contacts and e-mail addresses.

"We can get any file we want," [Charles Miller, chief security analyst for ISE] said. Potentially, he added, the attack could be used to program the phone to make calls, running up large bills or even turning it into a portable bugging device.

For the Website and related technical paper explaining the iPhone's vulnerabilities more fully, click here and here.