Apple investigating Mobile Safari PDF security issue

“Apple says that it is looking into a reported iPhone security breach after a slew of media reports suggested that the smartphone could be vulnerable to malicious code unwittingly downloaded via a PDF,” James Rogers reports for TheStreet.com.


“Users visiting a tampered-with Web site and loading a PDF could unknowingly open their devices up to hackers,” Rogers reports. “In a blog post, Graham Cluley, senior technology consultant at antivirus specialist Sophos, said that the vulnerability is in the mobile version of the Safari Web browser used by Apple’s operating system, specifically its handling of PDFs… iPhones, iPod touches and iPads running version 3.1.2 of Apple’s iOS operating system and higher could be at risk.”

“‘We’re aware of the reports, and we’re investigating,’ an Apple spokeswoman told TheStreet Thursday, but declined to provide any additional details,” Rogers reports. “‘iPhone users should be cautious when browsing unsolicited or suspicious websites, even if they haven’t jailbroken their device,’ Symantec said in a statement.”

Full article here.

Josh Ong reports for AppleInsider, “iPhone Dev Team hacker ‘comex’ was the first to exploit the security flaws, allowing users to jailbreak their iOS devices.”

“The vulnerabilities have attracted significant attention this week. Several security firms have issued notices labeling the vulnerabilities ‘critical,’” Ong reports. “A German government agency [also] warned users Wednesday.”

Full article here.

MacDailyNews Take: Avoid reading PDFs with Mobile Safari until Apple releases an update.

29 Comments

  1. They declared a theoretical possibility of … Is there an example that exists? Have you made one of these PDFs and sent it to Apple so they can see if they can correct this theoretical possibility? Are Apple’s products the only devices that this can happen to?

    Is this the definition of FUD?

  2. Apple should take some of that $45 Billion and hire the two best hackers out there. Pay ’em a million a year, set ’em up in their own space and have them hack away at all Apple software.
    Apple could then discover internally most exploits before the outside world.

  3. We all knew that evil Norton would win some day and they are.

    But, it’s lord Jobs who let them in. Departure from the principles and philosophy that made us all loyal and, at times, blind followers of Jobs has resulted in him believing there was nothing bad he could do to us that would run us off.

    And, it looks like he’s right. What morons we are to continue to accept the free fall of customer care and product quality. From the release of a ‘revolutionary’ phone that doesn’t work very well to exposure to the world of thievery and invasion into our personal lives now happening with every kind of Apple OS, we are being screwed and seem to just lay here and take it.

    Not me. Lord Jobs does not control me or my buying choices and he never will.

  4. Found out more on this.

    “There are two distinct vulnerabilities in the iPhone uncovered with the jailbreak software’s release, principal analyst Charlie Miller of Independent Security Evaluators told CNET Tuesday. One flaw is in the way the browser parses PDF files, enabling the code to get inside a protective sandbox, and the other hole allows code to break out of the sandbox and get root, or control, privileges on the device.”

    Apple sees where the jailbreak is occurring and has a fix. “Resistance is futile!”

  5. This is more serious than just “Avoid reading PDFs with Mobile Safari until Apple releases an update.”

    This exploit can root Safari w/o the user even knowing there is a PDF being loaded.

    This is the exploit that jailbreakme.com uses.

    I’m sure Apple already has it fixed, but you’re sugar coating the issue a bit.

  6. Oh give me a break, “lord jobs.” The man spends his cancer ridden days trying to develop earth changing devices that work well for the masses, he is not some evil man in a dark castle. He seems to be a pretty decent human being that forgoes profit for excellence, ten years ago before he created the best phone ever no one was bashing him but now that the world has taken notice of his near perfect creations all of a sudden he’s a bad man, cite your reasoning behind that… Or keep your mouth shut and your ears open you may learn so

  7. Apple fanboys on this site == dumbass naive think they know security when they are smart by a 1/2.

    Look what just happened. Rooted iOS4, turned off signing, broke through the sandbox. Someone other than YOU owns ROOT!! Add a GOOD stealth rootkit that stays there even if re-flashed and you are hosed. Welcome to the internet 2010 you naive apple fanboys. Some of you are totally clueless on what just happened. You act as if this is some kind of anomaly.

    A pro just hit you in the face with this exploit. Many more pros will come up to bat in the coming years. Never like MS though.

  8. Notice: I AM NOT a troll.

    Unlike those of you who call me that, I am also not a moron who believes Steve Jobs is anything more than a very clever marketer, showman and master manipulator of the legions of lemmings he has spawned with what used to be truly “revolutionary” products.

    He also didn’t use to lie to us – sometimes his hyperbole was over the top but what’s new about that when someone is trying to sell something.

    No, I’m totally pissed that we stand and cheer and whoop and holler when he rolls onto the stage in that get up and proceeds to tell us this new phone is the best ever and a few days later admits it’s no better than any of the rest of the smartphones out there and not really as good as the previous iPhone models.

    I don’t like being lied to, taken for granted and treated as though I have no choice but to accept his incredibly arrogant behavior.

    I do have choices and increasingly I’m looking at products with other brands – there’s some really good ones out there now that I have cured myself of Jobs-mania blindness.

  9. @Continuing Fall
    One rumored security hole and the doomsayers pop up like prairie dogs. One minute you are one of the “morons” and the next minute you are independent and above it all.

    No one is perfect. No company is perfect. But Apple is by far the best option at this time. If you want to go Droid to “escape” from “Lord Jobs,” then go ahead. Don’t let the iPad slap you in the back of your head on the way out.

    More idiots…

  10. @Continuing Fall
    Jobs *never* stated that the iPhone 4 was “no better than any of the rest of the smartphones out there and not really as good as the previous iPhone models.” Far from it. He merely acknowledged that the iPhone 4 antenna was subject to the same laws of physics that impact other wireless devices. He also stated that the iPhone 4 antenna was better than those of previous iPhone models.

    If you are not a troll then, at best, you are a terribly misguided and illogical individual who appears driven to substitute fantasy for reality in order to fulfill your twisted viewpoint.

    No more replies to CF from me. Utter waste of time.
