Star Worm for Jailbroken iPhones with Default Root Passwords
Linked by Thom Holwerda on Mon 9th Nov 2009 23:39 UTC
Apple The web went aflame today with headlines like "First iPhone worm discovered", and many other variants. Most of those headlines, however, left out a very important little fact which diminishes the impact of the news considerably: it only affects jailbroken iPhones with SSH installed, and with default root passwords.
E-mail Print r 0   · Read More · 20 Comment(s) http://osne.ws/hc3
Thread beginning with comment 393712
To read all comments associated with this story, please click here.
Smart and dumb?
by Delgarde on Tue 10th Nov 2009 01:13 UTC
Delgarde
Member since:
2008-08-19

So, it affects people who are smart enough to know how to jailbreak an iPhone. And who are stupid enough to leave a default password in place?

Reply Bookmark Score: 2

RE: Smart and dumb?
by mrhasbean on Tue 10th Nov 2009 01:33 in reply to "Smart and dumb?"
mrhasbean Member since:
2006-04-03

So, it affects people who are smart enough to know how to jailbreak an iPhone. And who are stupid enough to leave a default password in place?


You don't have to be smart to Jailbreak an iPhone - 30 bucks and it's done - and you have to be incredibly dumb to install SSH and not change the root password. Those who've been affected need to go give themselves an uppercut.

As for the sensationalism, do we really expect anything else from the media? The same lot that tell us that everyone who dresses or looks or "acts" differently to "us" (whatever that means) is a terrorist, and we should lock our kids away in the house in front of the TV eating McDonalds because if we let them play outside they'll get sunburn and skin cancer then the perverts that are waiting behind every tree around the neighbourhood will snatch them away. If it wasn't for sensationalism they would be out of jobs - it's ALL they do...

Reply Parent Bookmark Score: 7

RE[2]: Smart and dumb?
by broch on Tue 10th Nov 2009 14:55 in reply to "RE: Smart and dumb?"
broch Member since:
2006-05-04

bull,
SSH utility for iPhone does not have command prompt to allow password change. One needs to install additional app or log in from computer.. which might be too late already.

First run of ssh in iPhone is useless if it does not allow to change password.

But what one would expect from the device that is not designed with security in the mind?
Maybe Apple should start paying more attention to security instead of worrying if application containing word iPhone (e.g. iPhone reference manual) will be admitted to Apple store or not.

Edited 2009-11-10 14:56 UTC

Reply Parent Bookmark Score: 0

Read more of this thread... >