Just days after the first scareware for OSX, researchers are pondering the problems of an iPhone exploit that could lead to larger issues. The Trojan pulls legitimate apps off the phone if you try to remove it, but it only infects iPhones that have 'been modified or opened through a security hole in the system.' Though this worm is more of an annoyance than anything else, it could be a proof of concept for a more serious attack.

The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.

News source: /.


There are 24 additional comments
Advertisement
(2 replies) Quote this comment Reply to this comment #1 Posted by daPhoenix on 17 Jan 2008 - 12:03
Please - how is this any different than my E90? It can carry trojans, it can contain malware and it can be compromised just as easily as an IPhone.

Friggin' "security researchers" should be kicked in the face. Fear mongering idiots.
Quote this comment #1.1 Posted by vetneufuse on 17 Jan 2008 - 12:16
Quote - (daPhoenix said @ #1)
Please - how is this any different than my E90? It can carry trojans, it can contain malware and it can be compromised just as easily as an IPhone.

Friggin' "security researchers" should be kicked in the face. Fear mongering idiots.


The big reason is that the iPhone runs OSX... almost the exact same OSX as the Mac does, just stripped down... if it can happen there it may have an effect on your desktop also... to contrast this Windows Moble is not a stripped down version of XP / Vista... its actually a completely different OS and works differently... then Symbian phones do not get the same viruses as windows... so basically its showing that OSX could potentially get viruses....
Quote this comment #1.2 Posted by vetmarkjensen on 17 Jan 2008 - 13:08
Except it's not news that OSX/BSD/Linux/HUPX/AIX can all be hit by a trojan (which is just a file that is thought to be benign - usually by deceptive names or documentation - but contains a malicious payload).

A file claiming to be a free ringtone/game/whatever can contain a rm -rf /. Et Voila! A trojan on unix.
(1 reply) Quote this comment Reply to this comment #2 Posted by evo_spook on 17 Jan 2008 - 12:21
I believe someone in backpage news said this was just fud and a confused half story
Quote this comment #2.1 Posted by vetSlimy on 17 Jan 2008 - 12:52
I expect no less from slashdot but the story isn't exactly about the iPhone trojan.

Last edited by Slimy on 17 Jan 2008 - 12:53
(4 replies) Quote this comment Reply to this comment #3 Posted by Munkyman on 17 Jan 2008 - 12:25
FUD
Quote this comment #3.1 Posted by RAID 0 on 17 Jan 2008 - 16:56


??
Quote this comment #3.2 Posted by +Octol on 18 Jan 2008 - 01:52
FUDD: Fear, Uncertainty, Doubt, and Denial.
Quote this comment #3.3 Posted by RAID 0 on 18 Jan 2008 - 03:38
Quote - (Octol said @ #3.2)
FUDD: Fear, Uncertainty, Doubt, and Denial.


I know. I just wanted to post Elmer.
Quote this comment #3.4 Posted by Croquant on 18 Jan 2008 - 04:42
Be werry werry quiet. It's Macfan season. I'm hunting Macfans.
Quote this comment Reply to this comment #4 Posted by evo_spook on 17 Jan 2008 - 12:30
From several days ago:

http://www.neowin.net/forum/index.php?showtopic=612684
Quote this comment Reply to this comment #5 Posted by david13lt on 17 Jan 2008 - 12:55
So, again this only effects those devises which were jailbreaked?.. In this case Apple can't do anything, if people want to risk - they can do it on their own will.
(3 replies) Quote this comment Reply to this comment #6 Posted by EdShelley on 17 Jan 2008 - 13:27
Okay, so some guy goes and Jailbreaks/Hacks his iPhone, therefore making it vulnerable to attacks (especially if SSH is installed with default password)

My point is, how the hell does that make the iPhone a 'bad corporate tool'?! If people wanna go and hack their phones, they should expect reduced/no security from things like this. We're talking here of an "application" in the installer.app that the user must choose to install themselves.

Most Smartphones can be 'hacked' or similar, and the story would be exactly the same in terms of security.

This story seems to be taken completely out of context...
Quote this comment #6.1 Posted by BigBoy on 17 Jan 2008 - 17:26
The reason why this is still a fair warning (and should be heard more often) is because unlike majority of smartphones, Apple designed iPhone with a 90's security model in mind. Everything runs as root. The equivalent to Windows 95, where everything ran as Admin.

There is going to be a price to pay for this, unless they manage to patch this but I am not sure they can make such sweeping architectural changes in a patch.

We will of course see. However, iPhone has sold in numbers great enough for it to become a target. Coupled with the above security model, it is too tempting. Saying that "every other phone can be hacked" does not make that different.
Quote this comment #6.2 Posted by +Axon on 18 Jan 2008 - 04:00
Quote this comment #6.3 Posted by +Axon on 18 Jan 2008 - 04:00
Quote - (BigBoy said @ #6.1)
The reason why this is still a fair warning (and should be heard more often) is because unlike majority of smartphones, Apple designed iPhone with a 90's security model in mind. Everything runs as root. The equivalent to Windows 95, where everything ran as Admin.

I suspect this will change when the SDK is release. It would be an even more colossal mistake if it didn't.
(1 reply) Quote this comment Reply to this comment #7 Posted by Optix Illusion on 17 Jan 2008 - 13:44
Cool, an ITrojan!
Quote this comment #7.1 Posted by kazuyette on 17 Jan 2008 - 15:52
(1 reply) Quote this comment Reply to this comment #8 Posted by eAi on 17 Jan 2008 - 14:07
This was posted like two weeks ago on many tech news sites then found to be a badly written program written by a 14 year old. The only reason it uninstall other apps is that the uninstaller was copied from those other apps...
Quote this comment #8.1 Posted by whocares78 on 18 Jan 2008 - 06:29
hahah so a 14 year old that can't program properly accidentally created this... hahah imagine what a real programmer could do then
(2 replies) Quote this comment Reply to this comment #9 Posted by .kvn on 17 Jan 2008 - 20:51
Way to go Neowin, old news.
Quote this comment #9.1 Posted by evo_spook on 17 Jan 2008 - 22:11
Quote - (.kvn said @ #9)
Way to go Neowin, old news.


Didn't you get the memo? its bash Apple week, along in a few hours is a regurgitation of that porn download application thats pretending to be a codec
Quote this comment #9.2 Posted by NeoTrunks on 17 Jan 2008 - 22:51
Quote - (evo_spook said @ #9.1)
Quote - (.kvn said @ #9)
Way to go Neowin, old news.


Didn't you get the memo? its bash Apple week, along in a few hours is a regurgitation of that porn download application thats pretending to be a codec


And a lot of the bashing is just old news as well. Remember that comment about the one button mouse yesterday? Welcome to 2008 .
Quote this comment Reply to this comment #10 Posted by The Walker on 17 Jan 2008 - 22:59
Seeing as it only affects the jailbroken version of the iphone... isn't it possible Apple has created this to discourage hacked phones?... After all the hacked phone affects their business model, not to mention they'd get a nice profit from you all having to go buy new ones.
[1]

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.


Scroll to the Top
....
My Preferences
....
Communicating with server
Loading
Please Wait...
....
Loading
 X 
....