Text only | Text with Images

IDNetters Forums

Technical News & Discussion => Mobile Devices News & Discussion => Topic started by: Glenn on Feb 03, 2010, 08:23:36

Title: iPhone vulnerable to remote attack on SSL
Post by: Glenn on Feb 03, 2010, 08:23:36
Apple's iPhone is vulnerable to exploits that allow an attacker to spoof web pages even when they're protected by the SSL, or secure sockets layer, protocol, a security researcher said.

The fault lies in a feature that makes it easy to configure large numbers of iPhones so they meet an organization's IT policies, said Charlie Miller, a researcher at Independent Security Evaluators. Not only does the provisioning feature work over the internet, it can be tricked into accepting malicious configuration files.

http://www.theregister.co.uk/2010/02/02/iphone_malicious_config_attack/

Most won't fall for it, but it will catch out some poor souls, clicking on the links.
Title: Re: iPhone vulnerable to remote attack on SSL
Post by: Gary on Feb 03, 2010, 09:42:31
Quote from: Glenn on Feb 03, 2010, 08:23:36
Apple's iPhone is vulnerable to exploits that allow an attacker to spoof web pages even when they're protected by the SSL, or secure sockets layer, protocol, a security researcher said.

The fault lies in a feature that makes it easy to configure large numbers of iPhones so they meet an organization's IT policies, said Charlie Miller, a researcher at Independent Security Evaluators. Not only does the provisioning feature work over the internet, it can be tricked into accepting malicious configuration files.

http://www.theregister.co.uk/2010/02/02/iphone_malicious_config_attack/

Most won't fall for it, but it will catch out some poor souls, clicking on the links.
Quote from: Glenn on Feb 03, 2010, 08:23:36
Apple's iPhone is vulnerable to exploits that allow an attacker to spoof web pages even when they're protected by the SSL, or secure sockets layer, protocol, a security researcher said.

The fault lies in a feature that makes it easy to configure large numbers of iPhones so they meet an organization's IT policies, said Charlie Miller, a researcher at Independent Security Evaluators. Not only does the provisioning feature work over the internet, it can be tricked into accepting malicious configuration files.

http://www.theregister.co.uk/2010/02/02/iphone_malicious_config_attack/

Most won't fall for it, but it will catch out some poor souls, clicking on the links.
I never use my phone for ssl stuff never have and never will trust the mobile web for that
Title: Re: iPhone vulnerable to remote attack on SSL
Post by: Niall on Feb 04, 2010, 20:45:50
I'd be lucky if my fat fingers could select the links. I keep missing :D
Title: Re: iPhone vulnerable to remote attack on SSL
Post by: Gary on Feb 04, 2010, 21:44:49
Quote from: Niall on Feb 04, 2010, 20:45:50
I'd be lucky if my fat fingers could select the links. I keep missing :D
Double tap the screen and make the page bigger  ;D
Title: Re: iPhone vulnerable to remote attack on SSL
Post by: Niall on Feb 06, 2010, 15:21:31
I do :D
Text only | Text with Images