- 08-02-2009, 10:38 AM #10
Or you can choose not to update. The SMS hack is true, but will more than likely never happen to you. Here's why:
A huge buzz preceded the presentation by Charlie Miller and Collin Mulliner at the famous “Black Hat” cybersecurity conference in Las Vegas. The pair claim to have discovered a way to take over a smartphone, such as an iPhone or Windows Mobile phone, using nothing more than SMS. According to the San Francisco Chronicle, “A pair of security experts have found a vulnerability in the iPhone that allows a hacker to take control of an iPhone through a text-message attack.” Even scarier, the attack uses “a series of mostly invisible SMS . . . bursts,” the Chronicle said.
Here are the real facts:
- Yes, in theory, a hacker could take over your smartphone. Could be an iPhone, as the Chronicle’s lead paragraph and headline said. Could be a Windows Mobile phone.
- There is no such thing as a “mostly invisible” SMS message. You would receive a normal-seeming SMS message that should show up on your phone just like any other.
- You would know you are being hacked because you will receive SMS messages that contain empty square characters (I guess this is what the Chronicle means by “mostly invisible”; by that standard, the letter o is mostly invisible). If at that point you delete the messages or turn off your phone or go into Airplane mode, the attack will not succeed.
- The attack requires 512 SMS messages, presumably delivered rapid-fire. That makes an attack against a single victim fairly noticeable and possibly expensive. An attack against more than a small number of smartphone users would be cost-prohibitive. Even “unlimited” SMS plans have their limits.
- The attacker needs the phone numbers of enough smartphones to make this worth his while. Sending the attack to landlines or regular cellphones would merely run up his costs and raise his profile. This effectively limits the attack to “whales.”
- The 512 SMS messages must all survive until all of them have been received by the victim. If the victim deletes even one of these messages, the exploit fails.
- Cell phone companies actually care about SMS spam and have countermeasures in place. Leaky, lousy countermeasures, to be sure, but they would be foolish to allow their networks to be taken over by zombie phones. Surely they could filter out all “mostly invisible” messages.
It is disturbing that this attack is possible, even given these constraints. You just don’t think of SMS as a security hole. Thank goodness Apple has already patched against this exploit. But get a grip, people.
- 08-02-2009, 07:44 PM #13
FWIW, to anyone contemplating it....
I was preparing to restore, upgrade and re-jailbreak. I disconnected from iTunes while the 3.0.1 ipsw was downloading (to back up my cydia packages with PkgBackUp...nicely spent 1.99, worked great) and when I plugged it back in, the new firmware warning popped up offering to let me update. Without even thinking I clicked yes.
So I updated to 3.0.1 (keeping all my stock user data and settings), re-jailbroke with redsn0w + 3.0 ipsw.
First thing I did was re-download PkgBackUp and restore my cydia packages.
Rebooted and I was pretty much done.
Whole process took me about 1/2 hour.
I am not recommending this, but since you may have to restore and set up as new anyway...might as well give it a shot. 3.0 and 3.0.1 are identical, except for the sms patch, so maybe that is why it worked so well and I haven't experienced any issues, maybe I was just lucky. YMMV.