iPhone's Security Blunder

Well, we were all happy to finally get away from Windows 95 back in the day. But now iPhone users have the privilege of reliving all the security flaws of that OS on their sparkling new iPhone. "It really is an example of 'those who don't learn from history are condemned to repeat it'," says Dan Geer, vice president and chief scientist at security firm Verdasys.

Security experts have discovered that all applications on the device run as root, which means that any hacker can cause devastation by sending out mass texts, pulling phone lists and sending them via SMS without the user's knowledge, or even dialling numbers randomly without the user knowing. I personally do not have an iPhone, and have completely disowned Apple after my first iPod disaster. After seeing the bricking and the price slashing, this to me is just another reason why I am happy I did not buy an iPhone.

News source: Wired


33 Comments


I am rather surprised. Apple is really walking the line with this one. The only difference is that Windows 95's track record is established in the area of security. The iPhone's is not. Nothing in the wild yet. I can easily sit back and wave the proof-of-concept flag yet again . . . but I won't, because the principle of least privilege is a well established best practice for security design. We would be wrong to criticize this.

Fine, Apple has turned off obviously security-flawed technology that needs wide access due to poor design, like ActiveX (unlike, for example, Java applets). But if I'm going to bash MS for shipping XP with five open ports, I'm certainly going to call Apple out on this one. Call a spade a spade.

The situation will likely be fixed when the iPhone Software Development Kit is released. The fact that all applications run as root on the iPhone might simply be a temporary bug, and was done to reduce development effort.
But we have yet to see a fix. Even if we use the argument that most other phones run as root, the fact remains that we're talking about an industrial-strength, high-security OS on the iPhone - Unix underpinnings . . . breaking a cardinal Unix rule. Even if other phones run as root, it doesn't mean it's a good idea. And, Apple, especially, who tries harder with design, has to do better and should have done better.

I can see the potential security threat by allowing all apps to run as root. Though, I am sure that could be fixed in a software update. What I wonder is, just what code could the iPhone possibly download to run? Even with a malformed URL, doesn't code still have to be downloaded to the phone and actually run to be executed?

That right there IS probably the reason why Apple does not want 3rd party apps on the phone.

Because - if they allowed them - and there was a bad app, it would be able to take the whole phone down, rather than OS handling the app crash gracefully.

This is indeed very Windows 95 way of programming by Apple.

After seeing the bricking and the price slashing, this to me is just another reason why I am happy I did not buy an iPhone.

Apple not supporting unsupported software and lowering their prices is a bad thing?

Unsupported software is unsupported for a reason. Apple doesn't want to have to be responsible for making sure all that stuff still works when they release an update. Just like when you go to an amusement park or something and they say "we are not responsible for blah blah blah", they really aren't, and if it happens it's not their fault.

Prices going down is a bad thing? It happens all the time in the technology world. The RAZR used to be a few hundred dollars, then a few months later it was only $99, and now it's free with a contract. It happens.

thenewbf said,

Apple not supporting unsupported software and lowering their prices is a bad thing?

Unsupported software is unsupported for a reason. Apple doesn't want to have to be responsible for making sure all that stuff still works when they release an update. Just like when you go to an amusement park or something and they say "we are not responsible for blah blah blah", they really aren't, and if it happens it's not their fault.

There's a big difference between not supporting an unofficial hack and deliberately going out of their way to brick the phone. Believe me, the people that cracked it in the first place knew what they were doing, it's extremely rare in this day and age for any software hack to cause the system itself to become completely bricked, especially in the case of mobile devices where you can completely reinstall the ROM (and there's no reason why you couldn't do that with the iPhone, either). I mean think about it, Microsoft sure as hell doesn't support people cracking XP or Vista, but has a single one of those pirated editions ever been even just less stable than their legit counterparts, even with all of the patches released every month? Perhaps it's not the best comparison, but the fact remains - Apple deliberately went out of their way to brick unlocked phones and that's just nasty.

Kushan said,
There's a big difference between not supporting an unofficial hack and deliberately going out of their way to brick the phone. Believe me, the people that cracked it in the first place knew what they were doing, it's extremely rare in this day and age for any software hack to cause the system itself to become completely bricked, especially in the case of mobile devices where you can completely reinstall the ROM (and there's no reason why you couldn't do that with the iPhone, either). I mean think about it, Microsoft sure as hell doesn't support people cracking XP or Vista, but has a single one of those pirated editions ever been even just less stable than their legit counterparts, even with all of the patches released every month? Perhaps it's not the best comparison, but the fact remains - Apple deliberately went out of their way to brick unlocked phones and that's just nasty.

So you were in the room when Steve Jobs told the programmers to brick the unlocked iPhones?

1.1.1 was a pretty huge update, and changed the way some of the stuff on the iPhone worked. It's not that the unlockers didn't know what they were doing, it's that Apple changed the way they had to do things in order to improve the iPhone. Hell, Apple probably went out of their way to try adding the update to unlocked phones first to see if it would corrupt the phone, and when they realized it would they decided to warn people. But even though they knew, they weren't going to change their own code to make unsupported unlockers happy.

When Apple updates OS X, they don't go out of their way to make sure 3rd party apps still work on the new software. They give developers a new SDK to work with for the new OS. If people don't update their software to work in the new version and their apps stop working, it's not Apple's fault. Except OS X is an open platform, and the iPhone is a closed platform, but the same logic applies. If Apple changes the underlying structure for the better, it's up to the 3rd party devs to keep up. Apple doesn't have to slow down and wait for them.

thenewbf said,
So you were in the room when Steve Jobs told the programmers to brick the unlocked iPhones?

1.1.1 was a pretty huge update, and changed the way some of the stuff on the iPhone worked. It's not that the unlockers didn't know what they were doing, it's that Apple changed the way they had to do things in order to improve the iPhone.

No, it has already been confirmed by several iPhone unlockers that Apple deliberately bricked the unlocked phones with the update. The new features or bug fixes included in 1.1.1 could not have bricked the iPhone, only the part of the update which had no other meaning than "punishing" unlocked iPhones.

Why do you think it only took 2-3 days to unbrick bricked iPhones? Nothing was dramatically changed by Apple, the hackers only had to find out what simple measures Apple took to brick unlocked iPhones and undo them.

COBBLERS - this has been known for ages, has someone only just heard about this on the Leo show or something?

get some up to date news and as above read the roughly drafted report.

Getting more like a tabloid newspaper with this late, ill-informed sensationalism.

Proof of concept is just that: proof that a concept will work. It's only a matter of time before an exploit,

but I am sure the fanboys will say this is perfectly alright, and the iPhone is the most secure phone on the market

This is what happens when you rush a product out the door to make Wall Street happy.. I remember when they pulled all their OSX devs off the latest OS just to rush this thing out... You don't run anything that isn't a service as root.. period... although the article is odd saying you need root to send e-mails maliciously... but as root you can change the way the system works... which is a major problem in hacking

Actually it didn't. The RoughlyDrafted article, as usual, simply bashed Wired and provided excuses why running as root isn't a big deal.

It is. A malformed URL could cause Safari to run code, which would then automatically run at the root level. Conceivably, the malware could disguise itself as valid code, thus not interfering with iTunes and be practically invisible to the user, and thus provide a way for the author to receive all data from the phone using the Edge network, if necessary. This is just one scenario.

They also spew false information regarding permissions in Windows. The Storm worm requires admin access to install a Windows service - the vast majority of malware requires admin access, especially in IE7, because the capabilities of running in limited user mode are just that - limited. You need admin access to turn off the built-in firewall - how is your computer going to become part of an online botnet without unrestricted Internet access? Even if that problem was solved, the malware wouldn't launch after a reboot. The most malware can do is either delete/modify/corrupt user files and/or encrypt them.

I also like how they needlessly bash UAC and the Zune. Sensationalistic "journalism" at its best.

Wait, are we saying that the iPhone is a flawed product because it runs applications as root, and running as root is a big deal?

Is there a phone out there that does not run the applications as "root" (read with administrative access)? Should we go ahead now and bash WM2002, WM2003, WM5, WM6 pocket pc phones and smartphones? How about we have some fun with Nokia and Motorola as well. After all, they all have the same or not more features... contacts, calendar, camera (with which a hacker could take pictures of your companion, lol) SMS, phone, etc.

Moreover, I do not believe running as "root" is a big deal. Assuming the iPhone applications ran under a restricted account, this account would still need read and write access to data and all the other tokens the applications currently running under root have. This includes EDGE access as well. So, potentially, the "code" run through Safari would be able to cause as much damage as root. Of course, this would exclude installing itself as a persistent application, or deleting/modifying OS and application binaries (read bricking, to use hot terms), but Zetter's concern is not so. She only cares about mass texting, 1 (900) phone calls, and companion pictures.

I could go ahead and write about how running under a restricted account wouldn't make it any better in terms of installing itself a persistent application, but naaah... got things to do and people to see.

Extremely sensationalistic article. It's sad it made it to the front page.

Running as root IS a big deal. You don't need root access to read/write most files - the only thing you need root for is to install services, modify/delete system files, etc.

If WM has the same issue, it should be held to account as well.

You would think that a company that advertises its OS platform as "secure" would take the time to properly develop their mobile platform to be "secure". Running as root is an incredibly obvious blunder. This is also puzzling because Steve Jobs wrote in his open letter that it was taking them so long to develop an SDK because they were concerned about security. If they were so concerned about security, then they wouldn't allow Safari to run while logged in as root in the first place.
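
The disagreement in the comments above (a restricted account can still reach user data, but only root can alter system files) can be made concrete with a small model of classic Unix permission checks. This is an added example, not part of any comment or of the original article; the file paths, UIDs and modes are constructed for illustration.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class FileEntry:
    path: str
    owner: int
    group: int
    mode: int  # permission bits, e.g. 0o644

# Constructed sample filesystem: two system files, two user-data files.
ROOT, APP = 0, 501  # APP is a hypothetical unprivileged application account
FILES = [
    FileEntry("/System/Library/CoreServices/boot", ROOT, 0, 0o755),
    FileEntry("/etc/launch.d/startup.conf", ROOT, 0, 0o644),
    FileEntry("/var/app/Library/AddressBook.db", APP, APP, 0o600),
    FileEntry("/var/app/Library/SMS/sms.db", APP, APP, 0o600),
]

def allowed(uid, gids, f, want):
    """Classic Unix discretionary access check; want is 'r' or 'w'."""
    if uid == 0:
        return True  # root bypasses read/write permission bits entirely
    if uid == f.owner:
        bit = stat.S_IRUSR if want == "r" else stat.S_IWUSR
    elif f.group in gids:
        bit = stat.S_IRGRP if want == "r" else stat.S_IWGRP
    else:
        bit = stat.S_IROTH if want == "r" else stat.S_IWOTH
    return bool(f.mode & bit)

def blast_radius(uid, gids):
    """Paths a compromised process running with this identity can read/write."""
    return {
        "read": [f.path for f in FILES if allowed(uid, gids, f, "r")],
        "write": [f.path for f in FILES if allowed(uid, gids, f, "w")],
    }

def gained_by_root():
    """Files writable only because the process runs as root."""
    root = blast_radius(ROOT, {0})
    app = blast_radius(APP, {APP})
    return sorted(set(root["write"]) - set(app["write"]))

if __name__ == "__main__":
    print("restricted app can write:", blast_radius(APP, {APP})["write"])
    print("extra write access as root:", gained_by_root())
```

In this model the restricted account still reads and writes its own contact and SMS databases, while write access to the system files exists only when the same code runs as root.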

And yet the iPhone doesn't allow users to install their own applications. How exactly is a virus supposed to even get on the phone? FUD for sure.

Vice said,
And yet the iPhone doesn't allow users to install their own applications. How exactly is a virus supposed to even get on the phone? FUD for sure.

With the browser running as root, if a user accesses a compromised site, an installation can be performed without the user's knowledge.

I take it you didn't read the article about Apple releasing an SDK. SDK means anyone can write anything for it. This is as far from FUD as you can get. Will you people just admit Apple has issues, just once, without trying to defend the un-defendable?

whocares78 said,
I take it you didn't read the article about Apple releasing an SDK. SDK means anyone can write anything for it. This is as far from FUD as you can get. Will you people just admit Apple has issues, just once, without trying to defend the un-defendable?

Bro, you're asking WAY TOO MUCH!