A group of security researchers at Security Evaluators have developed a toolchain for working with the iPhone's architecture (which also includes some tools from the #iphone-dev community), and created a proof-of-concept exploit capable of delivering files from the user's iPhone to a remote attacker. They have notified Apple of the vulnerability and proposed a patch.
A member of the team, Dr. Charlie Miller, will be presenting the full details of discovering the vulnerability and creating the exploit at BlackHat on August 2nd. Their site will be updated to reflect those details. In the meantime they have decided only to release general information about exploiting the iPhone.
Details at their Security Evaluators site.
0 comments:
Post a Comment