From PC World: Security on the iPhone is heavily dependent on Apple's ability to vet all third-party apps before users download them. But a French hacker claims he has found a flaw in the smartphone's text messaging service that bypasses the safeguard.
The hacker, who calls himself "pod2g" and is best known for jailbreaking iPhones, says the vulnerability could let an attacker send a message pretending to be from a bank, credit card company, or other trusted source.
Because the flaw does not involve code execution, an attacker does not need to get malware past Apple, which approves all mobile apps before they are sold on the App Store, the only legitimate site for downloading software for Apple mobile devices.
Pod2g, a self-professed iPhone security researcher, said the flaw is "severe" and affects all current versions of iOS and iOS 6 beta 4. IOS is the iPhone and iPad operating system.
"I am pretty confident that other security researchers already know about this hole, and I fear some pirates as well," he said in a blog post.
View: Article @ Source Site