Lost Password? No account yet? Register
The Most $100k+ Jobs. Over 30,000 new open positions monthly. Sign up now with TheLadders.com. Find 70,000 Jobs that pay over $100,000 � Search now at TheLadders.com
Web Vulnerabilities Plague iPhone PDF Print E-mail
Written by David Noel-Davies   
Friday, 02 November 2007

Okay. The headline of this post is more or less sensationalist FUD (Fear, Uncertainty and Doubt). It plays off of the fanatic popularity of the Apple iPhone to grab attention. In reality, the security weaknesses found in the iPhone are more a function of Web-enabled mobile phones in general, and not a specific flaw or error on the part of Apple. However, while the iPhone did not innovate most of the features it is known for, it did herald a paradigm shift in mobile phone design, and its popularity means that it has established the bar for what users will expect in future mobile phones from all manufacturers.

For example though, I had a Cingular 8125 mobile phone which I recently upgraded to an AT&T 8525 (after cracking the LCD display of the 8125). They are essentially the same, so I have had the same basic functionality for about the past 2 years. My phone has a large, touch screen display. My phone plays MP3’s. My phone switches from portrait to landscape display. My phone has integrated wireless and 3G access to the Web (3G is actually a feature missing from the iPhone). The iPhone is slimmer and “sexier”. The iPhone represents a higher degree of simplicity and improved functionality in many areas. But, for the most part, my phone does everything the iPhone does, and it has been doing it since long before the iPhone came out.

Phones like mine, or the iPhone, are a new breed of mobile phone. They blur the line between mobile phone, digital music player, and portable computing device. The main issue, from a security perspective, is the ability to initiate a phone call on the mobile phone by clicking on a link within the Web browser. As this article points out, it would be possible to hide or obfuscate the true URL, and possibly trick users into sharing information, or even luring them into initiating a call to a 900-number so that the attacker can generate income without having to steal and exploit the user’s data.

Comments
Add New Search
Write comment
Name:
Email:
 
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
 
:angry::0:confused::cheer:B):evil::silly::dry::lol::kiss::D:pinch:
:(:shock::X:side::):P:unsure::woohoo::huh::whistle:;):s
:!::?::idea::arrow:
 
Please input the anti-spam code that you can read in the image.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."
 
< Prev
[ Back ]