A vulnerability in the iPhone’s Safari Web browser could open the...
A vulnerability in the iPhone’s Safari Web browser could open the device to malicious attacks, SPI labs said. Hackers could exploit an iPhone Safari feature letting users enter digits appearing on Web sites by tapping them, it said. Hackers…
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
could spoof numbers so the tap instead send users to a different phone number, or manipulate the phone to track calls made on it, to place calls without a confirmation dialog, to enter the phone into infinite loop of call attempts or to lock the phone from making calls altogether, it said. Attacks can be done from a malicious Web site or a legitimate one hacked with a worm, it said. SPI has not heard reports of attacks “in the wild,” but someone is bound to figure it out, said SPI researcher Billy Hoffman. SPI reported the problem to Apple on July 6. Last week Apple worked with SPI on the problem and a fix in on the way, SPI development manager Bryan Sullivan said. It is a software problem unrelated to AT&T’s network, Sullivan said. Palm Treos and Windows smart phones may have similar vulnerabilities; SPI plans to look into those devices next, Sullivan said. Apple did not comment.