Security experts warn over smartphone SMS bugs
At the Black Hat security conference taking place in Las Vegas this week, researchers claimed that smartphones including Apple’s iPhone, Google’s Android platform and Microsoft’s Windows Mobile were susceptible to SMS-based attacks.
Using a technique known as ‘fuzzing’, Charlie Miller and Collin Mulliner, researchers at Independent Security Evaluators, presented techniques which allow maliciously crafted SMS messages to be injected into iPhone, Android, and Windows Mobile devices.
The company claims that this technique could be used to hijack devices and gain access to applications and information stored on the handset.
The company said it was drawing attention to the flaw, which exists in all platforms, in a bid to get the developers behind the operating systems to fix the bug. Apple, Microsoft and Google have all been informed, but so far only Google is understood to have taken action.
In related news, Apple on Thursday issued a warning to iPhone users in an attempt to put users off jail-breaking, or modifying their devices in order to run unauthorised applications.
Apple said that some users “have not understood the risks of installing software that makes unauthorized modifications to the iPhone OS (“jailbreaking”) on their iPhone or iPod touch,” and are likely to encounter problems such as: frequent and unexpected crashes; dropped calls; disruption of services such as Visual Voicemail, YouTube, Weather, and Stocks; compromised security; and shortened battery life.
Apple said it “strongly cautions against installing any software that hacks the iPhone OS,” and may deny service to devices found to have been hacked in this way.