Hackers At Pwn2Own Look To Exploit iPhone

News | Tuesday March 16 2010 12:58 AM | Comments (0) Tags: , , , ,

As part of the contest, participants will look to target smartphones running on
, Blackberry OS, Symbian or Android and make use of vulnerabilities in parsing media, dynamic web content, email and other client side issues to successfully exploit the OS. While the iPhone is known to be quite secure, security researcher and Pwn2Own contest organizer Aaron Portnoy however feels that the iPhone could be the device that could end up as the most vulnerable target among the mobile phone platforms in the contest this year. He says:
“With all the recent research on mobile phone security being presented worldwide, these devices are quickly becoming a ripe target. First to fall: the iPhone .”
Mac OS X expert Charlie Miller concurs with Portnoy. He says that while the iPhone OS is pretty tough to exploit, it is pretty similar to the Mac OS X from an exploitation perspective. Miller concedes that a few participants at Pwn2Own are already aware of certain exploits that they could intend to use on the iPhone . However, he concedes that it may not be an easy task. Miller says:
“There isn't as much exposed code on the iPhone . The easy to exploit bugs I know about happen to live in the code that Safari has but Mobile Safari doesn't. In real life the iPhone is harder because you can't just execute a shell. You have to write your return-oriented payload to do all your dirty work, which can be a pain.”
Despite the ever increasing popularity of the platform, there have not been any major security breaches with the OS so far. Having said that, it will be interesting to see if any of the participants at Pwn2Own actually become successful in exploiting the
. Do you think iPhone will be the first to fall at the contest?

No Comments »

No comments yet.

RSS feed. TrackBack URI

Leave a comment

You must be logged in to post a comment.