Hackers could enslave iPad, iPhone: security firms
A salesman displays an Apple iPad during its launch in Brussels July 23, 2010.
Credit: Reuters/Thierry Roge
BOSTON |
BOSTON (Reuters) - A newly discovered vulnerability in the software that runs Apple Inc's iPad and iPhone could allow hackers to enslave the popular mobile devices, three security firms said on Tuesday.
The flaw affects Apple's iOS, which also runs the iPod touch, and could allow hackers to take complete control of a vulnerable device, according to Symantec Corp as well as privately held Lookout and Vupen.
Apple spokeswoman Natalie Harrison said the company was aware of the report and is investigating.
The vulnerability in Apple's iOS is the latest in a series of security bugs identified in mobile devices over the past week. Security experts at a hacking conference last week pointed out several vulnerabilities in Google Inc's operating system for mobile phones and tablet PCs.
Mobile devices have become increasingly vulnerable to attack because the software that runs them has gotten far more complex over the past few year, giving the devices many of the same capabilities as personal computers.
"We shouldn't be surprised to see security bugs happen in very complex software," said Kevin Mahaffey, chief technology officer for mobile security firm Lookout.
Attackers would need to trick a user into visiting a website planted with a tainted PDF document before infecting an iPad tablet or iPhone smartphone.
Mahaffey said that he is not aware of any incidents in which criminals have exploited the bug to gain control of an Apple device, but said the electronics maker has yet to offer a remedy to protect against such attacks.
"Everybody -- both good and bad -- knows how it works," he said.
(Reporting by Jim Finkle; editing by Andre Grenon and Robert MacMillan)
- Tweet this
- Link this
- Share this
- Digg this
- Reprints
Did Jim Finkle just buy stock in Symantec (SYMC‎)?
Symantec has made a product that should be used on a Mac product in this century!
Or are they about to unleash the iPad. iPhone, and iMac hacks that will be able to attack Apple software directly.
Why do we always have to keep clumsily enhancing all those things to get to the point of risking viruses, security breaches, etc ?
Anyway, we should probably not browse banking sites or other sensitive things from the mobiles. Not yet. The industry is not mature enough.
And the limit concept explained by the previous poster sounds very appealing. Thanks for sharing that Q
Available resources should indeed always have checks and limits.
“Security experts at a hacking conference last week pointed out several vulnerabilities in Google Inc’s operating system for mobile phones and tablet PCs.”
It’s not surprising that one could “enslave” an iPad or iPhone–they come pre-enslaved (they don’t call it jailbreaking for nothing). It’s just a matter of changing the party in control, something you’re powerless to fight off because as the customer, you never get to be that party.
Also, apple products making Adobe products look bad? I hate to be a conspiracy theorist but… isn’t that coincidental. Next week: further iPad vulnerabilities found in Flash code.
Follow Reuters