July 30, 2009
International Business Times
A Mac security expert has discovered a technique that hackers could use to take control of Apple Inc. computers and iPhone’s in order to steal data, disproving the long believed theory that Apple products are more secure than PCs.
Charlie Miller, a noted security researcher, discovered the hack a month ago and contacted Apple, but the company has yet to release a software update fixing the security hole. Miller and fellow researcher Collin Mulliner will make the exploit public at today’s Black Hat cyber security conference in Las Vegas, where hosts and attendees exchange information on Internet threats.
The hack involves sending a series of SMS messages to hijack the iPhone. At that point, the hacker could make calls, steal data, send text messages, and basically control all functions of the phone. The hacker could even use it to hijack more iPhones.
Earlier this month, the iPhone was shown to not be as safe as users had expected. Forensics expert Jonathan Zdziarski recently bypassed the iPhone 3GS’s passcode PIN and backup encryption with relative ease.
Attacks on Apple computers are extremely rare, but security experts believe this will soon change as Macs gain market share on PCs running Microsoft Corp’s Windows operating system.
Dai Zovi, who is the co-author of “The Mac Hacker’s Handbook,” said that once hackers start to put substantial resources into targeting Apple’s computers, they will be at least as vulnerable as Windows machines, according to Reuters.
“There is no magic fairy dust protecting Macs,” he said.
Miller, co-author of “The Mac Hacker’s Handbook,” said that the Mac OS will be easier to crack than Windows as it is bigger and less concisely written. This means that there is more room for vulnerabilities and bugs.