posted by Jordan Spencer Cunningham on Fri 3rd Jul 2009 21:23 UTC
There haven't been too many iPhone exploits, it seems, despite the popularity of said devices. However, Charlie Miller, a security researcher, recently uncovered a vulnerability in the iPhone OS that could possibly "allow an attacker to run software code on the phone that is sent by SMS over a mobile operator's network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet." Scary, isn't it? They say it's not very likely that others will exploit it even on a small scale before Apple issues the patch, but having a hole like that just sitting there makes me glad right now that I don't own an iPhone.