Hacker claims to have found new security flaw with Apple's iPhone
SAN FRANCISCO, Aug 17, 2012 (Xinhua via COMTEX) --
A hacker on Friday revealed
a security flaw that he claimed could make Apple's iPhone
particularly vulnerable to text message cheating.
The flaw has existed since iPhone was first launched in 2007,
and is still not solved in the beta version of iOS 6, the next
operating system for iPhone, the hacker under the name "Pod2g"
said in a blog post.
Under the protocols handling the exchange of SMS (Short Message
Service) text between mobile phones, the sender of a message can
technically change the reply-to phone number to something
different from the original number, Pod2g explained.
In a good implementation, the receiver of the message would see
both the original phone number and the reply-to one.
But using iPhone's SMS feature, when receivers see the message,
it seems to come from the reply-to number, while the original
phone number of the sender is hidden.
The loophole means that someone could send iPhone users
messages pretending to be from the receivers' banks or other
trusted sources, asking for some private information, or cheating
them to go to a dedicated website to obtain users' information.
Pod2g called the security flaw "severe" and urged Apple to fix
it before the final release of the iOS 6 software.
"Now you are alerted. Never trust any SMS you received on your
iPhone at first sight," Pod2g wrote in the blog post.
Apple Inc. could not be reached for comments.
[ Back To TMCnet.com's Homepage ]