“iPhone owners should be wary of a feature that is available through the built-in Safari browser of Apple’s new device because it could allow attackers to hack in to the phone and gain control of calls, according to a security alert,” Stan Beer reports for iTWire.
“The alert from security firm SPI Labs advises users to avoid a feature of iPhones that allows a user to dial any phone number displayed on a web page simply by tapping the number. According to SPI Labs, the feature can be exploited to redirect and track phone calls, as well as placing calls without knowledge of the user. Hackers could also cause mischief that makes the iPhone unusable until it is turned off,” Beer reports.
Full article here.
Robert McMillan reports for IDG News Service, “The feature was created to give iPhone users a simple way to dial phone numbers listed on Web pages, but according to SPI, the feature could be misused.”
“Attackers could exploit a bug in this feature to trick a victim into making phone calls to expensive “900” numbers or even keep track of phone calls made by the victim over the Web, said Billy Hoffman, lead researcher with SPI Labs. The iPhone could even be stopped from dialing out, or set to dial out endlessly, he said,” McMillan reports.
“SPI is not releasing detailed information on how the Web dialing feature could be exploited, but the company contacted Apple on July 6 and is working with the iPhone maker to prevent these types of attacks, Hoffman said,” McMillan reports.
Full article here.
Sounds like a bunch of hooey to me. They say “Attackers could exploit a bug …”. Is this a VIRTUAL bug, or one they actually found? I think this is conjecture, not reality. This company just wants to make a name for themselves.
If this is true Apple needs to fix this fast….
Very fast….
Is it fixed yet?
Hooey, you say?
I’ve already racked up $840 in 900 calls to a dominatrix phone service … she keeps leaving me messages not to play with my micro softie. She is soooo emasculating.
Do not use a car! Its use can lead to accidents. A bad driver of another vehicle could hit your car and destroy it as well as put you in the hospital.
Now everyone should put out pointless threats to spread fud!!
Damn! There goes another of my money making schemes!!
I was going to install an endless loop caller to my Camel’s Milk hotline, so that I could continue making money if my Camel’s Milk sales hit rock bottom….
I wonder who’s bottom has turned into solid rock this week?
I suppose it is possible – with a little javascript trickery as well as malicious HTML.
But then again, lets be more realistic here…if you are viewing a web page with a phone number, it is probably a company’s contact us page or a directory service. Both of these types of websites have very valid and important reasons NOT to mess up your iPhone!
So this is really how the first year of the iPhone goes, right?
It’s a major security risk; It’s bringing down an entire university’s wireless network; It’s a threat to national security; The Russians are coming; The Chinese are here; In short, we’re all gonna die. Stop using the iPhone, get Apple to stop making cleverly designed and incredibly useful personal computing devices, stop the madness! KILL APPLE!
You know, even with its billions MS is going to go broke one of these days having to pay out so much undercover money to techno-mercenaries to create the huge piles of FUD they concoct with the release of every new device – yikes.
Read this yesterday at MacCentral, and posted this reply:
“the feature could be misused”
“Attackers could exploit”
“iPhone could even be stopped”
“Phone has the potential”
“bad guys would have to either trick iPhone users”
“not releasing detailed information on how the Web dialing feature could be exploited”
“Safari could be used to misdial numbers”
“this could be done more easily than previously thought”
““Yes,” said Aitel. “If they know a lot of hackers and are a special target.””
And the earth COULD BE hit by a meteor today, but I don’t think I’ll worry about that either, not until they say WILL BE. Does anyone else think that this guy is into some serious speculation, or does he really have something that warrants consideration? (I vote speculation, since I count 6 “could be”s in the article.)
Sounds like a bunch of hooey to me. They say “Attackers could exploit a bug …”. Is this a VIRTUAL bug, or one they actually found? I think this is conjecture, not reality. This company just wants to make a name for themselves.
I agree, the default position should always be to ignore expert advice and instead trust your own uninformed opinion.
“According to SPI Labs, the feature can be exploited to redirect and track phone calls, as well as placing calls without knowledge of the user. Hackers could also cause mischief that makes the iPhone unusable until it is turned off.”
THIS JUST IN, strapping jumper cables to your scrotum and starting the car could be exploited by angry unsatisfied girlfriends and/or wives to gain attention to fact that security analysts/hackers put more time into technology than actually having a life.
Your friend from across the pond,
CheekyGit
So… do you think MDN is just IGNORING the new Mac OS X worm proof-of-concept, or are they just trying to delay reporting it as long as possible?
Had it been a Windows worm, MDN would have reported it yesterday when the news broke. Been almost 24 hours since the story hit, yet it’s nowhere on MDN. So much for the word “daily” in Mac DAILY News.
Worse than 900 numbers are the numbers that look like local numbers, but are billed like 900 numbers.
For readers outside the USA, 900 is the area code for caller paid services. Calls to those numbers are billed at a much higher rate than merely the telephone call rate, sometimes a several US$ per minute, or even much higher. Typically they provide “entertainment” services, though some tech companies offer a 900 option for paid tech support calls. Hope this helps someone.
Capt. Obvious,
Do you really think a possible vulnerability in the iPhone’s browser that could possibly take advantage of the user is the same as simply driving a car? Maybe if every once in a while, you tune to a radio station that takes over your steering wheel and sends you over a cliff, that would be an apt comparison.
I’m not giving much credence to this finding, but I’m certainly not going to give some knee-jerk denial without knowing anything about the possible bug.
By not taking an objective look at this, you’re no better than those spreading FUD. It’s just called rabid fanboyism.
I think in order to maintain the cachet of the iPhone, we should bash anyone who might attempt to make the product more secure by noting any vulnerabilities and working with Apple to correct the problem. That will ensure iPhone’s prestige.
It’s true. I’ve seen it happen.
A hacker took control of my call and I started saying things like “I love you” and “of course I’ll respect you”.
Man was that weird. That needs to be fixed FAST!!!!
I was talking with the Surgeon General just yesterday and he mentioned the rise in folks strapping jumper cables to their scrotum since car manufacturers have been advertising it as a new feature but he was reluctant to issue a warning because he didn’t think it was necessary to warn against such an obvious threat — it would be like telling people to wear sun screen in the summer sun.
“…if you are viewing a web page with a phone number, it is probably a company’s contact us page or a directory service. Both of these types of websites have very valid and important reasons NOT to mess up your iPhone!”
Or it could be a malicious third party spoofing a company’s contact us page or a directory service.
“Had it been a Windows worm, MDN would have reported it yesterday when the news broke. Been almost 24 hours since the story hit, yet it’s nowhere on MDN. So much for the word “daily” in Mac DAILY News.”
so far the story is, “someone claims to have a worm but offers exactly no proof. even if true, it is a proof of concept only that seems to only affect local subnets. in other news, if a hacker can sit down at your desk and use your computer uninterrupted, they pretty much own it….”
now i agree that they could mention it. that would be a good thing. but it is a pretty brief and pointless story so far.
Obviously something Apple must be working on feverishly and it shouldn’t be downplayed even if we all would like the iPhone to be the idealist’s perfect device of our dreams.
I suspect however that this has more to do with how phone systems work and would either require a kind of filter or some involvement from the provider (AT&T).
There are a bazillion “special numbers” that can be dialed on cell phones that are used to perform configuration or other non-call functions (e.g. transfering calls). Hiding such special coded functions behind a seemingly inocuous number displayed on the web page would be easy. Perhaps this “vulnerability/bug” is no more than a means of triggering special functions using these phone number codes.
That’s what you get when a modern device is used to access a legacy system (the phone network) initially designed to provide a simple service (making calls) and later coersed into performing other functions using cludgy workarounds.
A blatant example of this, in more recent history, is Web based applications that use a document formatting protocol (HTML) to provide interactive user input. We all know how difficult it is to make this patchwork of workarounds secure. Imagine how difficult it’s gonna be to make an even older sytsem (phone network) secure while maintaining it’s compatibility with numeric only devices.
The new Mac OS X worm supposedly exploits specific vulnerabilities that include the potential for arbitrary code execution from opening a maliciously crafted PDF document.
I just this morning received an email from a source not known to me. It contained an email attachment named email.pdf; naturally I did not open it, but rather deleted the message. If I had opened it–even though I did not know the person or organization who sent the message–any harm done would have been my own stupid fault.
Maybe I should have forwarded the email to Apple for their research.
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
You must have stopped at the headline of the ‘iPhone worm’ article. The so called “iPhone worm” is actually virus that infects Windows computers. It activates when the user tries to purchase an iPhone by redirecting them to a spoof web page to capture their bank account information.
The “worm” does not spread via the iPhone, rather through your infected Windoze Craputer.
Nonetheless, MDN should ‘report’ it so we can all be informed about this new threat from Microsoft.
Not to sound alarmist, but there does seem to be more to the SPI phone vulnerability. To me it seems the scariest part is that whatever this exploit is, it gets around the confirmation dialog when you click on a phone number to dial on a web page, or visit a web page with malicious javascript that “clicks” the phone link for you. It sounds like it can do other things too.
@Altos, I don’t see why AT&T would have to be involved. From my reading of SPI’s report, it sounds like a fix in Safari could alleviate the issue. And from reading the comments on the SPI blog, I wonder if other smartphones with this feature are also vulnerable.
@ Beryllium – There was an article recently in MacLife or Macworld about the trend for spammers to move from image spam to PDF spam to pump their crap stocks. That’s prolly all it was.
This may be FUD to some degree, but it is also important to help users of the iPhone to understand how this new device can be exploited against them.
Just like going to an WiFi hotspot, connecting to an unsecured web site and revealing personal information is not a good idea, the seamless switch of the iPhone from EDGE to WiFi could allow prviate information to be captured. MacCentral has a good article on that today.
Apple may have to tightened it’s security measures for the iPhone and we will also have to learn to be careful how we use personal information on the iPhone, just like we should be doing with laptops on public WiFi sites.
“You must have stopped at the headline of the ‘iPhone worm’ article”
Actually, you must have not even seen the article I’m talking about. It has absolutely nothing to do with the iPhone.
http://arstechnica.com/journals/apple.ars/2007/07/17/anonymous-blogger-claims-proof-of-concept-mac-worm
It is regarding the mDNSResponder service in MacOS X.
Do some reading outside of MDN. You’ll learn a LOT more!
Well, there goes the “war on terror!”