Hackers Targeting iPhone and Mac Users

Sorry all you holier than thou Mac users who think they are immune to adware and viruses.

Since people are actually buying Macs now, hackers are now focusing on them since Windows doesn’t have 90% market share anymore.

http://news.yahoo.com/s/afp/20080810/tc_afp/usitinternetcrimecompanyappledefcon

Yeah

nice, maybe demand and prices will drop

maybe mac humpers will stfu.

ik right

http://www.thebestpageintheuniverse.net/c.cgi?u=macs_cant

Maybe Mac users will finally shut up about the invulnerability of their precious Macs.

Probably not.

Did anyone read the fucking article???

It’s about jail breaking phones…not the phones getting fucking hacked from random people over the internet…

I dont like macs but that site is stupid

the same vulnerabilities that are used to jailbreak the phone, could likely be used to create viruses and crap.

aren’t you supposed to be “good” at IT?

:lol:

You realize what Defcon is and how that event works?

If there was some remote vulnerability in the iPhones operating system…They would have highlighted it to get media/hacker attention…

I understand what being able to jail break a phone leads to…They are already on the 2nd release of the iPhone…and have been jailing breaking it since a couple months after initial release…

has there been any mass exploitation of the iphone…

NOPE

the same vulnerabilities that are used to jailbreak the phone, could likely be used to create viruses and crap.

^ more than likely. The last major jailbreak used a .Tif exploit in safari. You needed to navigate to “x” website on the phone and bam… the phone was jailbroken (and would also patch the exploit so to prevent malicious users from taking advantage of it)

If you think about it, a Mac is just like any other OS. You put anyone skilled at it and it will be broken. Just hasn’t been in the news yet becuase no one cared to hack them.

Spend a month developing a hack that can take down 90% of systems or go for a minority…

The Apple Wireless device that hackers took over in minutes. The “jailbreak” for iPhones is simply a browser exploit that installs files on the system as root and unlocks access to the system. No typing a root password there to get full blown access to the box when installing something.

waste of time

just because the main stream media says people are hacking iphones and macs more now doesn’t mean that its happening or not happening… misinformation is awesome.

not really familiar with DefCon. Just reading the article for what it states. It is clearly stating thats hackers are rapidly getting their hands a bit dirty with the OS.

More than a thousand people crammed into his DefCon talk about hacking Apple software.

More than a thousand people were obviously pretty eager to hear about mac hacking

The hack is crowned a “jail break” because it liberates iPhone models from the shackles of deals Apple has with telecom giants providing exclusive service to the devices in varying countries.

jailbreaks prove there is a vulnerability to install 3rd party software(good or bad)

“It shows people are getting proficient at analyzing Apple software,” Hotchkies said.

this is the key quote right here

“There are people looking at the iPhone. We pass vulnerabilities on to vendors, and when I communicate with Apple the first thing they ask is if we’ve tested it on the iPhone. They don’t want to be surprised.”

Last paragraph clearly states that vulnerabilities have been found, and passed on to the vendor.

There always have been and always will be ways to exploit complex software. Just because there have not been any mass exploits yet, does not mean that there won’t be any in the future.

You are only looking at hacking in the context of being malicious.

Jail breaking a phone or making the iPhone do anything outside of what Apple intended you to do with it is a “hack”

The first post in this thread by boxxa was “Sorry all you holier than thou Mac users who think they are immune to adware and viruses.”

The article he had posted has nothing to do with adware or viruses…

^ so if someone can jailbreak a phone via the WWW, can’t they also deploy malicious code via the WWW?

Obviously the possibility was there…I believe it was fixed…

You would also have to get the user to click the malicious link and then write some virus or other program to actually do something after the link was clicked and the phone was jailbroken…

I have not jailbroken the latest 3G iPhone but I believe its more complex then simply clicking a link.

yeah, the article was written on hacking in general, mostly in regards to jail breaking. However, I do not believe for a second that some of these hackers are not designing malicious software as well.

Designing malicious software to do what?

  1. Create some new jail break/expliot
  2. Now you have to keep this out of the public eye(no small task since you just said 100000 people are trying to “hack” the iphone)
  3. Hope Apple doesn’t release a patch.
  4. Write some sort of reverse connect back door since AT&T can firewall ingress to the iphone.
  5. Create some website with your expliot.
  6. Find some creative way to get user to visit your site(Which again is no small task trying to force users to view a site or hope they stumble onto it)
  7. Massive exploitation will draw attention and since AT&T controls the network iphones are on they can firewall said exploiting site.
  8. Attack is logged sent to Apple and a patch is released.

Another attack vector would be exploitation of the wifi chipset in the iphone…but these attacks leave just about every wifi device vulnerable and the iphone is the least likely and profitable target.