New research has concluded that the Safari browser of the iPhone 1.1.4 is vulnerable to attacks, which may lead to service denial and in turn, result in a system crash.
This design flaw was detected by the researchers at Radware, an application delivery solutions company, earlier this week. The researches say the flaw triggers a series of “memory allocation operations on its memory pool”, which then triggers another different bug within its garbage collector.
To exploit Safari’s vulnerability, an iPhone user would have to open any malicious HTML pages that contain Javascript, usually as a social engineering tactic like e-mail phishing. The Radware researchers say that in a worst-case scenario, the users would experience a denial of service attack, which could result in crash of the entire Safari browser. Once the browser crashes, its malfunction could escalate to a point of paralyzing the entire iPhone.
Researchers say that each time your iPhone crashes, the device creates a log
“While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern,” said Itzik Kitler, Radware security operation center manager, in a written statement. “Hackers continue to misappropriate other people’s software and their job is made easier by design flaws embedded into software products.”
Although this vulnerability is present, experts say it would likely change as the iPhone becomes more widely used and marketshares increase.
“Though it looks like a nuisance, the fact is that a more sophisticated hacker could use iPhone vulnerabilities to shut services down or install malware,” said Ron Meyran, product marketing manager for Radware, via e-mail from Israel. “iPhone is about user mobility, which in turn exposes users to attacks and bypasses the security perimeter deployed by enterprises.”
iPhone app TouchTerm provides SSH-encrypted terminal access to any Linux, OS X, or even Windows system running a server
The Iconfactory and Artis Software have announced the launch of Frenzic for the iPhone, and it's available right now for $4.99
This may be good news for iPhone users who are missing the ability to MMS on their iPhones
iPhonesTalk.com is pleased to announce the release of our free personalized iPhone ringtones web app
MarketWatch reports that negotiations between Apple and China Mobile are making progress toward an iPhone 3G launch
Element Cases is coming out with new "gaming shields" for the iPhone
Mega-store Wal-Mart (along with Sam's Club) will join Best Buy in offering Apple's iPhone 3G to their customers just days after Christmas
Based on the solitaire game Kings in the Corners, this is a colorful and entertaining solitaire variant played on a colorful field of cards
Return7 reports that Apple has now approved their update to CastCatcher, and Version 1.3 should appear in the App Store shortly
The best ideas really are the simplest (and most obvious sometimes) ones. This app, NumberKey, is a case in point.
Wetool is an iPhone app that allows you to forward SMS, Send to Multiple Recipients, and Save your SMS to NotePad
These directions help you set up forwarding in Hotmail so that incoming messages are forwarded from Hotmail to a Gmail history
Step by step video guide on how to create your own m4r iPhone ringtones from your own MP3's
iPhone does not need any introduction. In case you are an iPhone user and want to have that exclusive and different wallpaper on your geeky device soon after it’s all for you
To get delivery confirmation reports sent to your iPhone simply add *0# to the beginning of your text message and once the SMS
Sim adapter that is claimed to fully unlock the 3G iPhone for use on any network including the use of 3G Data
IWFR.net has step by step instructions on creating custom iPhone ringtones
First of all if you would be purchasing the latest 3G iPhone, you must (meaning you have no other choice) sign a contract with the AT&T at their store
Send / Recieve MMS messages on your iPhone the way they were meant to be seen