Home Archive RSS/XML Subscribe Shop

[ISN] Security Reseacher Hopes He Has iPhone Security Exploit At the Ready

From: InfoSec News <alerts_at_infosecnews.org>
Date: Thu 14 Jun 2007 - 00:09:52 CDT
http://blog.wired.com/27bstroke6/2007/06/security_reseac.html

By Ryan Singel 
June 13, 2007

Like many geeks, security researcher David Maynor is eager to get his 
hands on an iPhone.  Unlike many geeks, Maynor also has harsh feelings 
about the Think Different company and what he says is an undisclosed 
vulnerability in Apple's Safari browser that he hopes will let him hack 
into the hugely anticipated device.

After Apple released the beta version of Maynor took a whack at Apple's 
Safari browser for Windows using fairly easily available bug-finding 
tools and says he found six bugs in a day. Maynor says one of them 
allows him to execute code remotely and he's "weaponized" it, according 
to his blog.

"One of the six is robust. I'm going to work on better remote execution 
and then wait for the iPhone," Maynor told THREAT LEVEL today as part of 
an interview for a Wired News story running Thursday. "Everyone I know 
is eager to hack the iPhone. Maybe that would actually break into it."

"I'm going to the first in line," he added later, saying that after 
Apple CEO Steve Jobs announced that developers can write apps for the 
iPhone through Safari, "it's going to be a free-for-all."

For for those who don't know, Maynor and Apple are not friends. Far from 
it.

He refuses to report bugs to Apple following an incident last summer 
when he divulged a wireless driver bug to Apple.  He later demoed an 
exploit on a non-Apple wireless adapter in a video to a conference. 
Apple then tried to make him say the code wouldn't work on a MacBook and 
denied he provided Apple with enough info for them to find the bug.  
Mac backers accused Maynard and security journalist Brian Krebs of 
overblowing the situation.  Apple later patched the bug with no mention 
of Maynard. While Maynard was not able to reveal emails he sent from his 
employer at the time, he was largely vindicated when he released some 
emails to and from Apple in a later presentation, though he did 
apologize for the manner in which he publicized the exploit.

It was an ugly fight, and now Maynor may be holding a zero-day exploit 
for the iPhone.  He's certainly not going to let it loose in the wilds, 
but if you were an Apple engineer, wouldn't you have nightmares about 
that very possibility?

I mean what malicious hacker wouldn't want to be the first to control an 
iPhone botnet?
Received on Thu Jun 14 00:09:52 2007
Google
 
Web www.infosecnews.org
© Copyright 2007 InfoSec News
Home Archive RSS/XML Subscribe Shop Privacy