Tuesday, October 23, 2007

A Poisoned Apple?

Well wired has a lovely little article about the fantastic, wonderful iPhone. It's titled "IPhone's Security Rivals Windows 95 (No, That's Not Good)"

It generally discusses the fact that all applications run on the iPhone as "root" or for you non-techies, it runs with full system privileges which means each application is essentially "god" on the phone and can do anything. This means that a hacker could "cause a phone to call numbers without the user's knowledge, seize text messages and a list of received and sent calls, turn the phone into a listening device, track the user's location through nearby WiFi access points, or instruct the phone to snap photos of the user's surroundings -- including any companions who may be in view of the camera lens. "

Now before someone out there says "well what about the Windows Mobile OS?" here's a nice document to read about it. Very few applications run as "privileged" which I assume is analgous to "root" and most run as "normal" which means it can't access protected areas of the phone and must be signed by a certificate.

I'm sure Apple will fix this situation before allowing 3rd parties to wreak havok in their little sandbox but let's hope for Apple that ingenious hackers don't find a way to expliot things between now and then. Oh wait... they've already begun.

0 comments: