Quote:
|
LAS VEGAS – SMS is a standard feature on hundreds of millions of phone globally and according to a series of researchers it's also insecure. At the Black Hat security conference, multiple researchers took the stage to detail how they were able to use to take over a users phone by way of a simple SMS message. Researchers Zane Lackey and Luis Miras took specific aim at the carrier side of the problem while Charlie Miller and Collin Mulliner took aim at the iPhone itself. "The cool thing is that you only need the phone number in order to start your attacks," Miller told the audience. Both sets of researchers began their talks by explaining how the SMS system generally works and why it is an attractive target for security research. An SMS message gets to an end-user eventually, even if they're not currently on their phone, it will show up when the user starts their phone. Miller said he informed Apple of the flaw in late June and demonstrated today with a live phone in the audience that the iPhone attack works today. An Apple spokesperson wasn't immediately available for comment. The flaw enabled Miller and Mulliner to perform a denial of service attack on the user's iPhone after the user received an initial text message. .... |
Linear Mode
