UPDATE:
TUAW's Michael Rose had this to say about the vulnerability and the FUD that its causing.
news.com is reporting today that Independent Security Evaluators, a company tests its clients' computer security by hacking it, said that they could take control of iPhones through a Wi-Fi connection or by tricking users into going to a Web site that contains malicious code.
Apple spokeswoman, Lynn Fox, said, "Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users. We're looking into the report submitted by ISE and always welcome feedback on how to improve our security."
news.com had more on this:
Miller, a former employee of the National Security Agency who has a doctorate in computer science, demonstrated the hack to a reporter by using his iPhone's Web browser to visit a Web site of his own design.
Once he was there, the site injected a bit of code into the iPhone that then took over the phone. The phone promptly followed instructions to transmit a set of files to the attacking computer that included recent text messages--including one that had been sent to the reporter's cell phone moments before--as well as telephone contacts and e-mail addresses.
"We can get any file we want," he said. Potentially, he added, the attack could be used to program the phone to make calls, running up large bills or even turning it into a portable bugging device.
Details on the vulnerability, but not a step-by-step guide to hacking the phone, can be found at Exploitingiphone.com, which the researchers said would be unveiled today.
No one has reported being hacked by this exploit yet, but it would be wise for the time being to be careful of what public wi-fi networks you connect to.
Read entire story at news.com.
