This is the talk that I blogged about earlier about owning the iPhone through SMS. The work Charlie and Collin did was actually amazing.
In their presentation they first looked at SMS. SMS is a building block of the phone system and essential to the working of the modern network because it is used for all kinds of stuff. Why is it good to attack? No firewall, processed by all phones, no user interaction and you only need a phone number to send an SMS.
Read more…
Charlies Miller’s and Collin Mulliners talk “Fuzzing the Phone in your Phone” today revealed full details that could make the first iPhone virus infection at the Blackhat security conference in Las Vegas.
Large SMS messages are cut up in smaller SMS messages, this means that the SMS messages need to be parsed by the phone to put it back together and thus can be used as an attack vector to breach the phone. By using a technique known as fuzzing, Miller and Mulliner where able to find exploitable conditions that could be turned into an attack and an iPhone virus. The attack takes a total of 519 SMS messages, but will work without any user interaction.
Read more…
As seen on Macrumors.com, a Dutch company Layer (yeah Netherlands!) has the first augmented reality browser working on a mobile phone!
“A new augmented reality app called Layar is making the rounds on the web as an example of what can be done with Augmented Reality. Layer is described as the world’s first mobile augmented reality browser.
Layar shows you what is around you by displaying realtime digital information on top of reality through the camera of the mobile phone. Just flip through the directory of layers and find ATM’s, bars, houses for sale, hotels and other cool stuff around you. The app accomplishes this through the use of the Compass, camera and GPS embedded within the phone…
The app is first available for the Android devices but they are working hard on porting it to other platforms “with a prime focus on the iPhone 3G S.”
