iPhone vulnerability and cracks
Security researcher Aviv Raff has discovered the iPhone's Mail and Safari applications are prone to a URL Spoofing vulnerability, which may allow attackers to conduct phishing attacks against iPhone users. iPhone is Phishable and SPAMable
Aviv writes:
By creating a specially crafted URL, and sending it via an email, an attacker can convince the user that the spoofed URL, showed in the mail application, is from a trusted domain (e.g. Bank, PayPal, Social Networks, etc.).When clicking on the URL, the Safari browser will be opened. The spoofed URL, showed in the address bar of the Safari browser, will still be viewed by the victim as if it is of a trusted domain.
He is awaiting Apple's reaction before releasing the technical data, but it is of concern to all iPhone users.
Observe this hard and fast rule:
DO NOT CLICK on any link, iPhone or otherwise, for any site or domain which may involve any ID, password or online transaction. Access those accounts by direct input only -- key it into the browser yourself, or don't access it until you get home on a reliable browser.
Stolen iPhones: cancel your telephone account immediately, and then immediately change all the passwords in email, ftp, banking or other sites where you regularly do ecommerce. Each minute that passes between the time they get your iPhone, and the time you change passwords is an opportunity for the thief to steal the resources.
Story: aviv.raffon.net
also: www.computerweekly.com
iPhone Safari Cracks
A group of security researchers have found a couple of simple ways of taking complete control of the Apple iPhone. The results are the first real success that security researchers have had in trying to find ways to exploit the new device, which lacks many of the common user interfaces and inputs that hackers rely on for successful attacks.
[ISE is an independent software security evaluation, education, and system design company dedicated to providing unbiased and scientifically motivated approaches to improve security.]
Also reported by computerweekly.com
------------------------------
Got News?
We'd love to hear about your news, software or hardware discoveries... just post at: our review input forms------------------------------
Get the InfoManager newsletter in your mailbox each Monday morning by subscribing at: mac-pro.net
Found something really cool?
We'd love to hear about it and pass it along to all of our readers... just contact Lynn or Fred, or post your own review at our : review input forms ...
------------------------------
------------------------------
del.icio.us... 
