Interesting article in the NY Times today about a company that has found a vulnerability in the iPhone (probably Safari) that lets a remote attacker take complete control of the device. Oops.
They claim they will be demo'ing the vuln / pwnage at Blackhat in just a few days. I wonder if Apple will lean on them to try and get them NOT to present as I would be very surprised if they are able to push out an update for this vuln in time. I wonder also if these guys found the same bug that the boys at Errata sec found when they fuzzed Safari on Windows for like 15 minutes. (Errata claims that one of the Safari for Windows bugs they found works on the iPhone as well).
Among some of my favorite quotes from the article are these ones sure to cause Mac fanboys to lose their minds:
“Windows gets hacked all the time not because it is more insecure than Apple, but because 95 percent of computer users are on Windows,” he said. “The other 5 percent have enjoyed a honeymoon that will eventually come to an end.”
The iPhone is becoming a victim of its own success, he said. “The irony is that the more popular something is, the more insecure it becomes, because popularity paints a large target on its back.”
Oh and - in other iPhone related news - Cisco has taken the fall for the iPhone / Duke network outage issues - doh!
I'll be sure to harass my friends over at Cisco PSIRT about this. 🙂