Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

iPhone Trojan Sign of Things to Come?

Zonk posted more than 6 years ago | from the im-in-ur-iphone-removin-ur-apps dept.

151

climber writes "Just days after the first scareware for OSX, researchers are pondering the problems of an iPhone exploit that could lead to larger issues. The Trojan pulls legitimate apps off the phone if you try to remove it, but it only infects iPhones that have 'been modified or opened through a security hole in the system.' Though this worm is more of an annoyance than anything else, it could be a proof of concept for a more serious attack. 'The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'"

cancel ×

151 comments

Sorry! There are no comments related to the filter you selected.

What rock was she hiding under? (4, Insightful)

dreamchaser (49529) | more than 6 years ago | (#22071188)

She offers several reasons that the device isn't a good corporate tool.'"

It's not even a *bad* corporate tool. It's a consumer device and was never meant (in its current incarnation) to be used for corporate uses. You can't even get one if your AT&T number is registered via a business account. It's like saying "this plum isn't a very good orange."

Idiot.

Re:What rock was she hiding under? (4, Funny)

Anonymous Coward | more than 6 years ago | (#22071396)

I'll bet you she's a good corporate tool.

Re:What rock was she hiding under? (1, Funny)

Reality Master 101 (179095) | more than 6 years ago | (#22071412)

It's not even a *bad* corporate tool. It's a consumer device and was never meant (in its current incarnation) to be used for corporate uses. You can't even get one if your AT&T number is registered via a business account. It's like saying "this plum isn't a very good orange."

I don't know about your world, but in my world I use what I buy wherever I want, without permission from corporate overlords who insist my device is only for specific purposes.

It's like saying "this plum isn't a very good orange."

I think a better analogy is buying a 500 HP sports car that could explode if you take it on the freeway, but comes with a little wink-wink tag that says, "this is for street use only."

Re:What rock was she hiding under? (0, Funny)

Anonymous Coward | more than 6 years ago | (#22071984)

I don't know about your world, but in my world I use what I buy wherever I want, without permission from corporate overlords who insist my device is only for specific purposes.

I hope you like that gmail.com address because it's the only .com address you'll ever have with an attitude like that. But keep raging against the KKKorporations there, d00d.

Re:What rock was she hiding under? (2, Funny)

webmaster404 (1148909) | more than 6 years ago | (#22072098)

I didn't know that KDE had an app by the name of Kkkorporation guess Ill have to look at it...

Re:What rock was she hiding under? (1)

mh1997 (1065630) | more than 6 years ago | (#22072418)

I don't know about your world, but in my world I use what I buy wherever I want, without permission from corporate overlords who insist my device is only for specific purposes.
Of course I didn't RTFA, but I would guess is that they meant it shouldn't replace a crackberry as the standard corporate multifunction tool.

A corporation may not tell you what to use and where (although they can and do), but try taking it into a courtroom or other "sensitive" area and you will quickly find out that you cannot use what you buy anywhere you want.

Re:What rock was she hiding under? (4, Funny)

OECD (639690) | more than 6 years ago | (#22071422)

It's a consumer device and was never meant (in its current incarnation) to be used for corporate uses.

Also, it does not toast my bread AT ALL evenly. I am sorely disappointed with my purchase!

Also, what does that link have to do with the rest of the summary?

Re:What rock was she hiding under? (3, Interesting)

arminw (717974) | more than 6 years ago | (#22071466)

.....It's a consumer device and was never meant.....

True, but even so, many executives have bought iPhones and ordered their reluctant IT dept. to support them. When the big boss speaks, most underlings do listen and try to please him/her. So, IT folks out there, you might as well figure on supporting the iPhone, even if Apple doesn't market it for corporate users. The big boss may come in sooner than you figure and DEMAND support for his/her shiny new iPhone.

Re:What rock was she hiding under? (2, Insightful)

Cro Magnon (467622) | more than 6 years ago | (#22071726)

Same Old Stuff. IT should be used to supporting stuff that isn't ready for the Enterprise *cough*Windows*uncough*

Re:What rock was she hiding under? (3, Insightful)

arminw (717974) | more than 6 years ago | (#22072362)

....... IT should be used to supporting stuff that isn't ready for .....

But isn't that the fun and interesting part of an IT job. Coming up with clever solutions that others have not already thought of and pre-chewed and partially digested is what makes the life of a real engineer challenging and fun. This includes supporting Windows, possibly in ways and with methods the folks in Redmond have not even dreamed up yet.

Re:What rock was she hiding under? (2, Interesting)

SatanicPuppy (611928) | more than 6 years ago | (#22072086)

Like most of us are in a situation to make things like that compatible with existing systems?

Whenever someone comes to me with that sort of demand, I tell 'em I'll be glad to support it, whenever they buy the software/hardware appliance/developers license/whatever that I'll need to run to support it. And I am happy to do that, because that does fall under the realm of things that I can do, unlike waving the magic compatibility wand and recoding interfaces to support a platform that only just released a real api.

Re:What rock was she hiding under? (4, Interesting)

Bert64 (520050) | more than 6 years ago | (#22072300)

To support it? An iphone is a lot less hassle to support from a corporate perspective than other types of device such as blackberry...
It uses standard IMAP, with support for SSL.. Standard SMTP with support for TLS...
It can even VPN, using standard l2tp/ipsec.
You don't need any additional software, assuming you're running systems that support the appropriate standards. Yes, the iphone does have some shortcomings but being a hassle to support is not one of them. It's just a case of people being scared of what they don't know.

Re:What rock was she hiding under? (0)

Anonymous Coward | more than 6 years ago | (#22072514)

From what I understand the wireless authentication methods leave a little to be desired.

Re:What rock was she hiding under? (1, Funny)

cbiltcliffe (186293) | more than 6 years ago | (#22071494)

I know lots of people that aren't good corporate tools, too, but they still work in corporations.
Although I suppose I know a lot more people who in fact _are_ good corporate tools, so I guess it all balances out in the end.....

Re:What rock was she hiding under? (2, Interesting)

kellyb9 (954229) | more than 6 years ago | (#22071856)

This is an instance where I have to agree. Apple does a very good job of identifying specific problems and trying to create unique solutions for them. The iPhone was never designed for corporate use, maybe a future version will be, but at this point, it's a pretty stupid idea.

I am by no means Mac user, but I have to admire their creation of the Macbook Air. Here's another example where they said - here's the problem, people traveling - lets create something to make this process easier. This is really one of my major criticisms of MS, who always try to create the one machine that will solve all of our needs. Unfortunantly for Mr. Gates, there is a high overhead in this line of thought.

Re:What rock was she hiding under? (2, Insightful)

Anonymous Coward | more than 6 years ago | (#22072040)

You're right, but if you look at the reasons, most of them apply to a consumer device, too. (e.g. Lack of encryption is pretty wacked. The only reason Apple gets away with that in the market, is that their competitors are just as bad.)

One of the big lessons of the iPhone is that today's phones suck. The iPhone sucks too. But the iPhone -- a device made by a personal computer maker -- has also sent a message that wasn't being heard before: phones don't have to suck. If PCs can be make non-sucky, why not phones? Maybe in a few years, someone will address the we-don't-want-suckiness market.

Re:What rock was she hiding under? (0, Flamebait)

Hatta (162192) | more than 6 years ago | (#22072646)

Who the hell buys an $800 phone in the first place? The obscenely rich. Which, these days means a CEO or some other corporate schmuck.

Re:What rock was she hiding under? (1)

T-Bone-T (1048702) | more than 6 years ago | (#22072792)

Not I. My iPhone cost $400. The most basic phone in the store cost $150.

Re:What rock was she hiding under? (0)

Anonymous Coward | more than 6 years ago | (#22073118)

"It's not even a *bad* corporate tool."

Sounds like the author is a "corporate tool".

SLASHDOT SUX0RZ (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22071190)

_0_
\''\
'=o='
.|!|
.| |
Trojans, beware of geeks bearing goatse [goatse.ch]

Re:SLASHDOT SUX0RZ (2, Funny)

Anonymous Coward | more than 6 years ago | (#22071894)

WARNING the above link is A GOASTSE LINK!!! Stop the maddness and visit GOASTSE BLOCKER 2.3.67 [goatse.cz]

Re:SLASHDOT SUX0RZ (4, Funny)

PitaBred (632671) | more than 6 years ago | (#22072664)

Is it a Firefox plugin or something? I can't seem to find any links on that page, just a picture of a gaping anus... help plz?

Yawn (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22071192)

I am waiting for the story that comes after a real problem is actively occurring on an apple product. Other wise, whatever, just talk...

Re:Yawn (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#22071834)

I have yet to see any actual (not theory, not dreamed up) malware out for the Mac, much less the iPhone.

Maybe people want to find something they can't.

Arguably OS X and the iPhone are 100% secure. No proof has ever been offered to the contrary.

Re:Yawn (1)

toadlife (301863) | more than 6 years ago | (#22072920)

Awesome.

So FUD... and a non sequitur (4, Insightful)

revscat (35618) | more than 6 years ago | (#22071202)

'The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'

So the summary starts off being nothing more than FUD, and since that won't hold water descends quickly -- albeit nonsensically -- into a completely different topic.

I guess Zonk hates the iPhone. Or is looking for page views. Or something. *shrug* Whatever, none of this makes a lick of sense.

"dangers of a more malicious attack" (4, Insightful)

Schraegstrichpunkt (931443) | more than 6 years ago | (#22071430)

The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future.
So the summary starts off being nothing more than FUD, and since that won't hold water descends quickly -- albeit nonsensically -- into a completely different topic.

No kidding. News flash: If the iPhone is vulnerable, then the "dangers of a more malicious attack" are already there. The solution is to fix the iPhone, not to bitch and fearmonger about "hackers ... experimenting and gathering research".

Re:"dangers of a more malicious attack" (4, Insightful)

Tsiangkun (746511) | more than 6 years ago | (#22071598)

This only affects unlocked iPhones, so I assume by "fix", that you mean use as intended ?

Re:"dangers of a more malicious attack" (2, Informative)

Your.Master (1088569) | more than 6 years ago | (#22072382)

I don't think "unlocked" is the right word for a hacked iPhone. They were hacked through a security hole. So by "fix" he may well mean "close the security holes". You know. Fix the security bug.

Of course, people who hack it to hell and then don't ever upgrade again (in fear of bricking or whatever), their phones can't be fixed by their own actions.

Re:"dangers of a more malicious attack" (3, Informative)

die444die (766464) | more than 6 years ago | (#22073528)

That security hole has been closed for a while, which is why you can find people trying to downgrade their iPhones back to 1.1.1 which will reintroduce the security hole, allowing them to jailbreak their phones again. The phones were infected when users who had already intentionally jailbroken their phones downloaded a new application from an unsafe software repository.

Re:So FUD... and a non sequitur (1)

morgan_greywolf (835522) | more than 6 years ago | (#22071552)

So the summary starts off being nothing more than FUD, and since that won't hold water descends quickly -- albeit nonsensically -- into a completely different topic.
Well, the second topic does make some sense as it shows that the writer of the article is someone with an obvious iPhone-hating bias.

Still, the iPhone is a consumer product, not an enterprise tool, and even Apple itself markets it that way. That's why it doesn't have any of the features she mentions as being lacking in the iPhone. And there's nothing wrong with that. As a personal communications tool for consumer use, it's fine. As a corporate enterprise tool, it sucks.

Maybe Apple will come out with a new incarnation with centralized management and seamless connectivity with OS X Server or something. That might just happen, too. But until it does, she's right, biased or not.

Re:So FUD... and a non sequitur (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22071590)

I guess Zonk hates the iPhone. Or is looking for page views. Or something. *shrug* Whatever, none of this makes a lick of sense.

I hate the iPhone, for all the reasons mentioned here: iPhone = Smudgy Piece of Shit [thebestpag...iverse.net]

Re:So FUD... and a non sequitur (4, Interesting)

Firehed (942385) | more than 6 years ago | (#22072556)

Sounds about right. This so-called 'worm' is nothing more than a useless file - THAT YOU HAVE TO CHOOSE TO INSTALL - with a bad uninstaller script. It's about as much a worm as typing 'sudo rm -rf /' into the terminal because some stranger on the internet said it's a good idea (for the uninformed, it's a great idea, and definitely try it and give it your root password when prompted)*.

The only known actual exploit on the iPhone is the TIFF exploit that JailBreakMe.com uses for powers of good (which, while jailbreaking the phone, also patches the exploit it used to do so). People that didn't use that hack likely updated to 1.1.2 firmware, which also patches that hole.

No, it's (most irrelevantly) not a corporate blackberry replacement. It's not really perfect at anything, though I'll say that the solitaire game really lends it self fantastically to the touch interface. But unlike most multifunction devices which really half-ass everything, it does most things quite well and the sacrifices made are understandable and more importantly are not deal-breakers.

*Hey, I'm a stranger on the internet. What did you expect, candy?

Re:So FUD... FUD and FUD (0)

Anonymous Coward | more than 6 years ago | (#22072800)

From TFS:

Though this worm is more of an annoyance than anything else, it could be a proof of concept for a more serious attack.

From TFA:

The fact that this Trojan is more nuisance than threat is only marginally good news.

Elsewhere in the summary and the article, it's clearly said that the malware is of the Trojan variety, that is, it requires users to install it. Changing the type to worm clearly show that the submitter doesn't understand the difference and/or the submitter is engaging in FUD spreading. Considering that this is /. it's hard to believe the submitter is stupid enough to not know the difference.

Re:So FUD... and a non sequitur (1)

T-Bone-T (1048702) | more than 6 years ago | (#22072874)

In case it isn't clear to someone why this is fud:
The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future.

That is a pretty murky statement, much like something a psychic would say.

Stuffed shirts (1, Insightful)

russotto (537200) | more than 6 years ago | (#22071204)

Yeesh. These guys give real meaning to the name "stuffed shirts". One disadvantage of the iPhone: with the competition, "users have little choice but to follow the corporate-mandated security routine." Blech. The prissy description of people trying to unlock the iPhone only confirms this. If they want a device which make 2008 feel more like 1984, I HOPE Apple's the wrong company to go to.

Re:Stuffed shirts (4, Informative)

Ferzerp (83619) | more than 6 years ago | (#22071306)

You do realize that in many (most?) cases, we are mandated by law to protect our information on mobile devices with passwords/encryption?

I'm a huge advocate of personal freedom, but on an enterprise-class mobile device, support for centraly managed policy is a MUST to comply with HIPAA, SOX, etc.

1984 does not apply to a corporate environment, sorry.

Re:Stuffed shirts (2, Insightful)

mckinnsb (984522) | more than 6 years ago | (#22071736)

You do realize that in many (most?) cases, we are mandated by law to protect our information on mobile devices with passwords/encryption?
Yes. You do realize the FCC already checked to make sure that Apple was following the law [computerworld.com] , right?
Ok. I was just checking. Look- if your employees buy an iPhone and bring it to work, you don't have to support them joining the buisness network. If they complain, tell them that the company didn't furnish them with an iPhone and it was their personal telecommunications purchase decision. You sound like Apple should be sued for releasing a phone that was intended for personal use just because people decided to bring it to work- and use it in work. Guess what? The responsibility , under HIPAA regulations, as far as your employees are concerned, falls with *the employer* and the *employees*, not the *systems they choose to run*. If you choose a faulty system, its your fault. I didn't see any Apple commercials with doctors talking about how well they could use their new tool to communicate to their nurses.

Re:Stuffed shirts (1)

Ferzerp (83619) | more than 6 years ago | (#22071928)

I'm confused? What does FCC ok'ing the iphone as a radio device have to do with enterprise mobile devices?

When I said "we are mandated by law," I was speaking as a corporate IT worker, and not as an individual.

I was replying to a poster who was comparing IT security with the book 1984. There was no intent that anyone take it as anything but a statement saying that we really can't legally use iphones in that environment as they do not meet the minimum requirements that we must take to protect our data.

Re:Stuffed shirts (1)

spun (1352) | more than 6 years ago | (#22071950)

Are you trolling or are you really that bad at reading comprehension? The GP was talking about SOXX & HIPAA, not FCC approval. And he was in no way implying Apple should be sued. He was stating that the iPhone is not set up to suit corporate environments because it can not be name/password protected and thus can not satisfy SOXX & HIPAA.

Re:Stuffed shirts (1)

Knara (9377) | more than 6 years ago | (#22072432)

Also, I don't think you can brick the thing via centralized management, which is often a necessity for corporate devices.

Re:Stuffed shirts (1)

mckinnsb (984522) | more than 6 years ago | (#22072572)

*cough* I responded at work at a online/retail store and neglected to read the post that he was commenting on. Sometimes Slashdot's comment system doesn't allow for the greatest instant visibility.

Re:Stuffed shirts (1)

russotto (537200) | more than 6 years ago | (#22072524)

I'm a huge advocate of personal freedom, but on an enterprise-class mobile device, support for centraly managed policy is a MUST to comply with HIPAA, SOX, etc.


You mean the dictates of Minihealth and Minifinance? Like I said, I hope Apple's the wrong company.

trojans (5, Funny)

Anonymous Coward | more than 6 years ago | (#22071242)

I was always taught that trojans were good things that you used so you wouldn't get viruses. Now you're telling me something different?

yes, but (4, Funny)

EmbeddedJanitor (597831) | more than 6 years ago | (#22071828)

only if you roll it out on a banana like they showed you in sex ed class.

That's a problem I always had as a teenager. It was easy to keep a condom in your wallet, but the banana got squishy after a couple of days and made an embarrassing mess.

Re:trojans (1)

zulater (635326) | more than 6 years ago | (#22072652)

You must be pretty new. This is slashdot. Which incidentally is much better at protecting against sex than any condom.

Curious (4, Interesting)

Nom du Keyboard (633989) | more than 6 years ago | (#22071250)

Curious how this only affects unlocked iPhones. Just who is that to the benefit of?

Re:Curious (2)

xannash (861526) | more than 6 years ago | (#22071350)

If it only infects unlocked iPhones, then wouldn't it kind of make a person wonder as to WHO actually wrote the program to begin with. Funny that it won't infect phones that are following all of Apple's rules.

Re:Curious (2, Interesting)

2nd Post! (213333) | more than 6 years ago | (#22072170)

It isn't funny, at all. By not releasing an SDK for 6 months, Apple had a host of volunteer security testers search for every exploit, overflow, and vulnerability on the device (which they promptly fixed).

And of course, in the course of those six months, there are some people who have NOT patched their system against these vulnerabilities.

Re:Curious (1)

samkass (174571) | more than 6 years ago | (#22071500)

Curious how this only affects unlocked iPhones. Just who is that to the benefit of?

The people writing the exploits. No one else benefits.

The "unlocking" is done through a buffer overflow vulnerability, which by definition is a security hole. If you've avoided the latest software updates because it "breaks" unlocking, what you're doing is avoiding the patch that "fixes" security.

So yes, if you intentionally leave security vulnerabilities open in your computers, then intentionally install this software (it apparently doesn't self-propogate), you'll get infected. That's not very surprising to me.

Re:Curious (0, Troll)

elrous0 (869638) | more than 6 years ago | (#22071588)

The people writing the exploits. No one else benefits.

You're right, a virus that discourages users from hacking their iPhones and encourages them to download the latest firmware would be of absolutely no benefit to AT&T at all. I could never believe that they would have a role in such and anti-consumer move, what with the stalwart reputation for standing up for their customers' civil rights in the face of NSA and FBI threats.

Re:Curious (1)

iminplaya (723125) | more than 6 years ago | (#22071804)

...what with the stalwart reputation for standing up for their customers' civil rights in the face of NSA and FBI threats.

You can always buy a Nokia...

Re:Curious (0)

Anonymous Coward | more than 6 years ago | (#22072378)

Nokias are good.

Same with Blackberries and Windows Mobile devices.

Someone wake me up when the iPhone offers functionality (not glitz) that Blackberries or WM devices have not had for years, especially in the security department.

Re:Curious (2, Interesting)

DaggertipX (547165) | more than 6 years ago | (#22072918)

That depends, do you consider usability a feature? Or are you yet another slashdot user that thinks that a user interface is no more than "pretty graphics"?

Sorry... I'm a UI designer, and posts like this almost make me froth at the mouth.

Re:Curious (1)

FrkyD (545855) | more than 6 years ago | (#22073018)

Someone wake me up when windows mobile devices actually deliver the functionality they promise.

Re:Curious (2, Insightful)

jacksonj04 (800021) | more than 6 years ago | (#22072178)

Oh for the love of God, not another /. "The corporations/government are out to get our freedom/data/money!" conspiracy. Perhaps it's just exactly the same as the vast majority of exploits for everything else with a processor, and it's somebody either proving a point or out to make a name for themselves.

There is of course an easy solution to the virus problem. Apply the damn patch, and if you want an open device you can play around with don't buy an iPhone in the first place!

Who do you trust? (1)

westlake (615356) | more than 6 years ago | (#22071632)

Curious how this only affects unlocked iPhones. Just who is that to the benefit of?

That is a clever spin to put on a story whose moral is that you should download software only from sources you trust. The unknown hacker who unblocked your phone isn't always your friend-in-need.

Somewhat off-topic, but has it occurred to anyone here that services like Steam and XBox Live! are the models for trusted repositories of Windows software? That the "Linux advantage" of Click-And-Run could be very short-lived?

Re:Curious (1)

eboot (697478) | more than 6 years ago | (#22073900)

It only affects iPhone's that are unlocked because they are unlocked by taking advantage of an EXPLOIT.

Wrong (4, Insightful)

MBCook (132727) | more than 6 years ago | (#22071286)

  1. It is not a worm. That would require it to spread
  2. Software installed on systems without privilege levels (like the old days of DOS or OS 7) is allowed to do anything... duh
  3. This isn't a flaw with the iPhone. Apple's way of installing applications may prevent this kind of stuff

Anything that starts with "replace the firmware of your device with this hacked firmware" can obviously cause you problems.

Re:Wrong (1)

LiquidCoooled (634315) | more than 6 years ago | (#22071594)

Anything that starts with "replace the firmware of your device with this hacked firmware" can obviously cause you problems.

Isn't that what Linux advocates have been asking Windows users to do for years.

I best duck now, but the analogy is the same.

Re:Wrong (1)

slyn (1111419) | more than 6 years ago | (#22072368)

Isn't that what Linux advocates have been asking Windows users to do for years.

I best duck now, but the analogy is the same.

Not at all.

Linux isn't a firmware. So the "analogy" you have dies before it even stands up. If you fixed your statement to "replace the OS of your device with this hacked OS", that would still be wrong (assuming the popular usage of the word hacked). Linux isn't "hacked" windows. It's something completely different. The two might be of the same software phylum (os), but they have are of completely separate classes and divisions.

Re:Wrong (1)

Applekid (993327) | more than 6 years ago | (#22071602)

Anything that starts with "replace the firmware of your device with this hacked firmware" can obviously cause you problems.
I guess the idea is that the Apple Lockdown Experience that denies rightful owners of the iPhone the ability to run whatever code they wish specifically encourages hacks to open them up, and that these hacks are not inherantly secure so a malicious person can exploit it to their ends.

You can either lock the door and have your bad guys force themselves in or you could open it to the public and put a bouncer there to keep trouble out and give the kids what they want.

I reckon the SDK next month will pretty much take care of it, providing a sandbox for applications so that they don't intermingle with sensitive data without user permission.

This kind of racism is intolerable (0, Troll)

rambag (961763) | more than 6 years ago | (#22071296)

From TFA "Crackers often engage in what in essence are dry runs to prove that an attack is viable." Crackers?! are you trying to imply all hacks/exploits are made by southern white americans aka rednecks? For shame!

Re:This kind of racism is intolerable (2, Funny)

mrami (664567) | more than 6 years ago | (#22071610)

Ah do decla-uh, Miss Daisy Mae, Ah believe Ah have found the solution to our impendin' labor shortage here on Daddy's plantation. Allow me to elaborate:
  1. Find them unlocked ah-phones
  2. ???
  3. Profit, ah say, profit, there Daisy!

Oblig. Looney Tunes ref. (1)

BlackSabbath (118110) | more than 6 years ago | (#22072438)

Foghorn Leghorn: "Pipe-Full-O-Fun kit number 7?"
Dog: "Pipe-Full-O-Fun kit number 7"
Foghorn Leghorn: "We have been flim-flammed!"
Dog: "Yeah! Hoodwinked!"

Re:This kind of racism is intolerable (2, Funny)

BadHaggis (1179673) | more than 6 years ago | (#22071614)

Crackers?! are you trying to imply all hacks/exploits are made by southern white americans aka rednecks? For shame!

Shame on you for implying that I.. I mean, southern white americans aka rednecks are smart enough to even figure out what an iPhone is!

I'm sure a Windows Mobile phone is more secure (2, Insightful)

EmbeddedJanitor (597831) | more than 6 years ago | (#22071338)

NOT!

If you think the Windows desktop/server security is bad you should see the Windows CE security! Again, MS have delivered an OS that was designed for a disconnected system (PDA) then tried to put a crappy fence around it to make it secure in a connected world. Too little, too late.

As for trojans, well no matter what OS you run, a dumb enough user with sufficient priviledges can always run a trojan. Nothing new here!

Re:I'm sure a Windows Mobile phone is more secure (2, Funny)

UtucXul (658400) | more than 6 years ago | (#22071952)

Considering how often my Motorola Q (Windows Mobile 5) reboots, freezes, or loses the ability to make network (voice or data) connections, there isn't much time left for it to be vulnerable. If that isn't secure (for a Microsoft product anyway), I don't know what is. And, if the battery life gets any worse, I'll probably only have minutes a day where the phone can even be turned on, which will shorten the window of opportunity for malware to get at it even more,

Re:I'm sure a Windows Mobile phone is more secure (1)

Teifion (1022083) | more than 6 years ago | (#22072146)

I wish I had mod points, that's the funniest thing I've read all day.

Re:I'm sure a Windows Mobile phone is more secure (1)

DaveWick79 (939388) | more than 6 years ago | (#22072342)

Considering that when I went to the Sprint store and they said the Q had problems with freezing and network connections, I'm not surprised - but I don't believe that has anything to do with Windows Mobile. My HTC phone works fine with Windows Mobile. I'll give you the battery life point - though again that has less to do with Windows Mobile and more to do with the amount of radios and antennas drawing power from these super smartphones every second you have it powered on.

Re:I'm sure a Windows Mobile phone is more secure (1)

T-Bone-T (1048702) | more than 6 years ago | (#22072964)

It is funny because it is true. My iPaq is gathering dust now that I have an iPhone.

Re:I'm sure a Windows Mobile phone is more secure (1)

Stevecrox (962208) | more than 6 years ago | (#22072184)

I've run a Windows Mobile 2003 SE and now own a Windows Mobile 5 PPC in the three years I've owned either one I've never actually heard of a Windows Mobile virus/trojan/malware. In fact the only virus/trojan/malware for the mobile platform I have heard of was for the Symbian OS system that was a "proof of concept" virus which propogated itself via bluetooth (requiring the user to accept the incoming file, open it and then install it.)

If the windows mobile platform is so insecure how come the media haven't been talking about it and if they have would you mind posting a few links where I can find out more?

Doesn't this only support Apple's position? (4, Insightful)

UnknowingFool (672806) | more than 6 years ago | (#22071346)

but it only infects iPhones that have 'been modified or opened through a security hole in the system.'

Since the very beginning, Apple has told people not to hack the iPhone because it could endanger the functionality and security of the device. Those who did could suffer when Apple updated the firmware. Now it appears hackers have found a way to compromise the iPhone because it had been already been compromised. By the way, the first hack into the iPhone require physical access to the phone so it's not like you surfing in your coffee shop will get you a Trojan. Someone first has to steal your phone and then hack it for this Trojan to work remotely.

Re:Doesn't this only support Apple's position? (0)

Anonymous Coward | more than 6 years ago | (#22071548)

By the way, the first hack into the iPhone require physical access to the phone so it's not like you surfing in your coffee shop will get you a Trojan.
Really? I may not be up-to-date with respect to iPhone unlocking, but at least on of the more recent hacks just required downloading (viewing) a modifies TIFF-Image in the web browser.

Re:Doesn't this only support Apple's position? (1)

anotherone (132088) | more than 6 years ago | (#22071606)

That hole was patched almost instantly by Apple.

Re:Doesn't this only support Apple's position? (1)

elrous0 (869638) | more than 6 years ago | (#22071626)

That's what the faithless get for not believing in the Word of Steve. Question and ye shall perish, oh faithless heathens!! Repent, and Steve will forgive!

Re:Doesn't this only support Apple's position? (1)

Dan Nordquist (214523) | more than 6 years ago | (#22072016)

Someone first has to steal your phone and then hack it for this Trojan to work remotely.

Or get you to install the firmware yourself from an untrusted source, which would be pretty much everyone who's installed a hacked firmware. (Unless they hacked it themselves...?)

Re:Doesn't this only support Apple's position? (1)

BitZtream (692029) | more than 6 years ago | (#22072490)

For versions before 1.1.2, all you had to do was visit the appTapp website and it would exploit you, hack your phone, and install the icon to allow you to install other apps. This was done via a image library exploit ... so ... all the person has to do is send you an email or get you to visit a malicious website and they can do the same crap without your phone using 'hacked firmware'.

Of course, this is true for say ... oh ... every person on the internet at one point or another. Webbrowsers and email clients have holes, the iPhone is no different.

Dresser (5, Insightful)

Fnord666 (889225) | more than 6 years ago | (#22071400)

From the summary

It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'"
The author of the linked piece at Web Worker Daily said no such thing. In fact, the author didn't express a personal opinion one way or the other about the matter. The author was quoting a piece [forrester.com] written by Benjamin Gray, who works for Forrester.

From the linked article

At least, that's the conclusion coming out of Forrester, whose analyst Benjamin Gray, lists 10 reasons why the iPhone is not yet ready to be an enterprise-class mobile device.
I will have to take the Web Worker Daily's word for it though, since I don't feel like ponying up $279 for a 6 page pdf.

Re:Dresser (2, Insightful)

E-Rock (84950) | more than 6 years ago | (#22071538)

It isn't a business device, but then I don't really think that's what it was designed to do in the first place. The iPhone doesn't play well with corporate data. POP e-mail isn't even available as a pull service from some companies and there is nothing to sync calendar data. All these business articles are trying to pit Apple vs RIM, where I see them as very nice manufacturers that are in different markets. Currently...

Attack of the Weasels (3, Insightful)

Bullfish (858648) | more than 6 years ago | (#22071558)

Sadly, this is another sign that as Apple products grow in popularity that they will attract the attention of the weasels. Whether or not the statements the weasels make hold any water, or whether or not the scares turn out to be true, the weasels are arriving.

Corporate tool (0)

Anonymous Coward | more than 6 years ago | (#22071628)

You know a good corporate tool? The author of that piece at Web Worker Daily.

Favorite line: "Plus, since the iPhone is so popular for recreational use, the battery will drain faster than if it were purely a business device".

Yes, Apple, you dorks. If you had made it painful-to-impossible to use like my old phone, then the batteries would last much longer. What were you thinking?

YAWN (1)

SeaFox (739806) | more than 6 years ago | (#22071666)

It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'"

Ah, so the exploit means you should not use your iPhone at all.

Oh, BTW, here's her little rant about how she thinks the iPhone is bad for business users. Not that it has any relation to the topic of iPhone exploits, just that she has you attention with a scaremongering article about iPhone security breaches so I'm gonna use this soapbox to my advantage dang-nabbit!

So when a Windows virus is released, does she believe everyone should leave their PC off until it's fixed? Yeah, I didn't think so.

Just another anit-Apple/iPhone troll. Nothing to see here, move along.

Re:YAWN (1)

kellyb9 (954229) | more than 6 years ago | (#22071964)

iPhone isn't just BAD for business users. It simple isn't DESIGNED for business users. It's a smart decision really... there are certaintly different security concerns to take into account when it comes to businesses as opposed to private individuals.

Ipod Touch (1)

Lacota (695046) | more than 6 years ago | (#22071692)

Curious, I wonder if this exploit would also affect a jailbroken/"hacked" iPod Touch? Since they're running similar software, I would guess so.

She is right (2, Funny)

geekoid (135745) | more than 6 years ago | (#22071788)

the blackberry is for the corporate tool.

Love the tags on this story (0, Flamebait)

Pojut (1027544) | more than 6 years ago | (#22071864)

Hmm...it would appear the fanboys are out in force today with the tags.

See, I love my 360. Love it. I also recognize that it has some of the dumbest engineering mistakes in the history of dumb engineering mistakes.

Sometimes the truth hurts, even if it's about something (or someone) that you love. Deal with it.

let me clarify for the author (1)

SethJohnson (112166) | more than 6 years ago | (#22072168)



She offers several reasons that the device isn't a good corporate tool.

No, YOU are the good corporate tool.

Seth

like a worm on a hook (2, Insightful)

Teflon_Jeff (1221290) | more than 6 years ago | (#22072220)

Anything that is this popular, by nature, will attract viruses. This is definitely the tip of the iceberg, and it makes me wonder how much experience people at Apple actually have at preventing viruses, once the world at large cares enough to target them.

Re:like a worm on a hook (1)

theurge14 (820596) | more than 6 years ago | (#22073814)

Do tell us more about this "security through obscurity" concept.

Corporate IT Dimwits (0)

Anonymous Coward | more than 6 years ago | (#22072264)

Anything that does not fit their preconceived notions of how something should work or does not play well with their control freak infrastructure is deemed "not ready".

Perhaps the biggest bunch of dullards that ever existed.

iPhone for corprate folk? (1)

Gat0r30y (957941) | more than 6 years ago | (#22072392)

If anyone can convince their IT department that their iPhone is for work, more power to you. But somehow I think they aren't going to be fooled by its email capability. They know your using it to watch movies and TV shows in your cube (at least thats what Ive been using mine for).

Re:iPhone for corprate folk? (1)

BitZtream (692029) | more than 6 years ago | (#22072510)

Its a shame its got better email support than the blackberry or windows mobile :(

Silly (1)

homey of my owney (975234) | more than 6 years ago | (#22072548)

As silly as me saying the pc should be left on the dresser in the morning...

Wait...

Good Corporate Tool (1)

neuroklinik (452842) | more than 6 years ago | (#22072542)

The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear [that] at least one writer -- the author of this piece at Web Worker Daily ... is a good corporate tool.'

Sad or what ? (1)

artg (24127) | more than 6 years ago | (#22072758)

.. the device can only check for new email every 15 minutes. If you're used to monitoring your new messages as often as you swallow, you may feel like you're constantly in a state of suspended animation. ... That means when meetings get rescheduled, you could miss notification.

Poor, sad woman. Chuck your Crackberry in the bin and go on a long holiday.

Phew! That was close. (1)

naturalog (1123935) | more than 6 years ago | (#22073218)

This makes me glad that I can't afford one. Or at least it makes me less envious of the people that can. No, wait. I'm still pretty damn jealous.

Only one of the stories bothers me... (1)

argent (18001) | more than 6 years ago | (#22073460)

The metasploit attack, because that's a remote execute attack.

The rest of the stories are all things like "oh my god, the iPhone is vulnerable to social engineering too!". Or "iPhone apps run as root, just like Pocket PC and Palm apps!".

If the guy who submitted this article to Slashdot had the first bloody clue about security he'd have put the metasploit attack on the title and left everything else out.

shouldn't that be iphone hack hacked (1)

CottonThePirate (769463) | more than 6 years ago | (#22073554)

So my iPhone that is all nice and unmodified has nothing to worry about, oh so the iPhone updated to the latest release hasn't been hacked, but an old one with unauthorized software and old firmware. This is just some wannabe getting media attention on the hot toy of the year. You may as well say that your pirated version of windows that fails WGA has holes because you can't get security updates for it. (I know, I know, It's just a slashrant, don't bother me with the facts of my statement)
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?