Committing felonies just isn’t what it used to be. Swiping someone’s personal belongings and running off into the sunset is a thing of the past now that GPS tracking systems can be implemented in almost anything these days. If you can track your child, your pet, and your spouse, tracking a phone is no big deal.
Maybe Eddie Deleon, who practically invited the police into his home when he stole an iPhone with a GPS application, hadn’t received the memo quite just yet.Read More →
Until Apple releases a patch to correct the issue, you better hope he doesn’t have the same skills as the two European researchers that recently discovered a way to hijack the iPhone.
Vincenzo Iozzo, 22, and Ralf Philipp Weinmann, 32, successfully broke into the iPhone and hacked into the SMS database in about 20 seconds during the Pwn2Own hacking contest. They were even able gain access to messages that had already been deleted. The hacking technique developed by the two researchers, known as an exploit, could have also extracted the phone contact list, the email database, photographs, and iTunes music files on any iPhone.
The iPhone’s sandbox, a security tool that protects the iPhone from being attacked, was able to keep the hackers from bypassing it. But the winning exploit was strong enough to operate without having to break free from the sandbox.
“Apple has pretty good counter-measures but they are clearly not enough,” said Halvar Flake, a security researcher that assisted with the exploit.
Weinmann said that they were able to hone in an a vulnerability in the iPhone’s design. By using the exploit, a hacker is able to have the same user privileges as a non-root user called mobile located in the iPhone sandbox.
“It was a real world exploit against a popular device, ” said Aaron Portnoy, a security researcher from the company sponsoring the Pwn2Own hacking contest, TippingPoint Zero Day Initiative. “They exfiltrated the entire SMS database in about 20 seconds. It was as if a webpage was loading.”
TippingPoint ZDI will report the issue to Apple and will withhold details until a patch to correct the vulnerability is released.
Read More →
According to anti-virus and security firm, Sophos, 8000 iPhone and Android smartphones were recently hacked to form a botnet. By downloading an app called WeatherFist, unsuspecting users with jailbroken phones became vulnerable. Fortunately, in this case the botnet was not actually harmful. Instead, it was created by two researchers at TippingPoint Digital Vaccine Labs as a proof of concept experiment to prove how easy it is for these smartphones to be exploited, and just how weak the security is for third party app stores.
Moral of the story – research an app before you insist on downloading and installing it from any of these third party app stores.
(Via Download Squad)Read More →
There has been lots of talk about the dangers of Jailbroken iPhones, and now it seems that SmartPhone dangers are extending into the world of Android smartphones too. Sophos is reporting that a rogue application is busy stealing users banking information.
According to First Tech Credit Union, there are several applications posing as a shell for mobile banking applications which have the real purpose of phishing personal information about a user’s bank account. The assumption is that this information is going to be used for identity theft. First Tech Credit Union also wants to point out to customers that at this time they do not offer an app for Android devices.Read More →
As our cell phones become capable of doing so much more then just making phone calls, such as downloading applications, shopping online, and even managing our bank accounts, hackers look to them more and more as a system to exploit. This is not just something we have to worry about having in the future, but this is something cell phone users need to be concerned about right now.
Russian antivirus company, Kaspersky Lab, has found a new malicious program that has already been used to part phone users from their money. This program works by hijacking Nokia phones and making small charges to the owner’s wireless account, and then sending that money to the account of the hacker.
In yet another similar incident that happened last month, an Australian student created and spread a virus on jailbroken iPhones. This virus wasn’t really harmful as it only changed the background image on the iPhone, but its purpose was to show the vulnerability of smartphones.
“The tipping point will be when we’re using the phone to shop and conduct banking,” Mr. Moss, a security expert and organizer of the Black Hat conference said. “The more you do with the phone, the more valuable a target it becomes.”
With the overwhelming amount of mobile malware popping up, a new company called Lookout has started up. Right now Lookout is testing security software for phones running Windows Mobile, and the Android operating system, and they will soon be introducing security applications for the iPhone and BlackBerry. The software will protect phones from rogue programs and it will allow the phone’s owners to remotely back up and erase data on their phones in case a phone is stolen. A user will also be able to track their phones on the web using the phone’s built-in GPS.
Lookout has been working hard to bring to the public’s attention to focus on just how vulnerable people’s cellphones really are. One of the ways they have succeeded in doing this recently, was by camping outside the Academy Awards ceremony in Hollywood, and scanning the phones of the stars walking the red carpet by using a short range Bluetooth wireless connection. They found that as many as 100 of the stars’ phones were vulnerable to hacking over such a connection, effectively proving us just how vulnerable these phones really are.
(Via NYTimes)Read More →
If NASA scientists have their way, smart phones like the iPhone will soon double as mobile chemical detectors. With the invention of a postage stamp sized sensor accessory that can plug into the iPhone, this will be much easier for everyone to use without having to carry around an additional attachment.
This tiny sensor was developed for the Department of Homeland Security, which hopes to eventually have this installed in every cellphone, forming a huge chemical alert network wherever people go. Aside from just sensing for what kind of chemicals are in the air, the sensor will also detect chemical concentration, humidity, and temperature. And thanks to the built in GPS tracking in the iPhone, they plan to even be able to pin point the chemical events for research as well as for in case of emergencies.
(Via SecurityInfoWatch)Read More →
Raytheon, a military contractor company, has announced its new iPhone application, the One Force Tracker. It will allow military personnel to securely communicate with each other, and track friends and foes on a real-time map. For example, it allows for crowd sourcing, which has volunteers using cellphones to report real-time traffic flow. The idea is to adapt the concept to turn each soldier into an individual reporting unit, delivering real-time data about position and status.
“We are really delighted to be leveraging Apple’s innovation” said J Smart, chief technology officer for Raytheon’s Intelligence and Information Systems.
The GPS-enabled map feature could also be used for tracking or labeling specific areas such as known sniper sites or safe fallback positions.
“This is hypothetical, but if there is a building with known terrorist activities, it could automatically be pushed to the phone when the soldiers get near that area,” said Mr. Smart.
With the extra communication, errors and misjudgments could be greatly reduced. In case another platoon doesn’t arrive on time, or arrives early, soldiers would know that in real-time, instead of having to waste time confirming this with someone higher up; and on the battlefield, there is no time to waste.
Raytheon is also working on developing sensors that can be attached or even built into the military’s version of the iPhone that would serve other purposes. An example of this would be a portable ultrasound machine built into the iPhone which would be very useful for battlefield medicine.
If and when the military does start using the iPhone, there will be some modifications done to it to make it work at the highest level possible. The first thing that will be done is to turn off the “one-function” feature, allowing the iPhone to run multiple programs at once, such as having the GPS function running at all times, while other programs are being used. Also, since the iPhone doesn’t have a replaceable battery, the military might create a new, rugged phone case that would hold a bigger battery, and at the same time protect the phone from damage.
The adaptation of the iPhone to military use is somewhat unusual, since technology usually trickles down from the military to the consumer market. But this is a rare case of consumer hardware and software concepts being so useful and efficient that it is adapted for military use.
(Via NY Times)Read More →
After word of the virus that infected hundreds of jailbroken iPhones and iPod Touches spread, Apple claimed that keeping your iPhone/iPod Touch in stock mode and not jailbroken, would keep it safe from viruses and other kinds of malware. However, a new app is proving that even a stock iPhone can be hacked. This app is called SpyPhone and is designed to show what kind of information a regular, non Jailbroken app can gather from users without them knowing about it.Read More →