NEWS FROM THE LAB - Friday, September 28, 2007

Hacker Tools vs iPhones Posted by Jarno @ 12:36 GMT

Msf3 HashdumpThe past week has been rather interesting on the iPhone front.

First, H.D. Moore of Metasploit has been working on iPhone support for the Metasploit Framework. The Metasploit Framework is a development system used by security professionals for vulnerability and exploit research. And having iPhone support in Metasploit makes security vulnerability and exploit research easier, which makes developing new exploits more likely.

Also in the news is that Apple's iPhone 1.1.1 firmware update breaks unlocked iPhones, which means that anyone who updates an unlocked iPhone will return it to an activation screen and reactivating the phone will be impossible. At least until someone figures out a new way to hack the phone that is…

These and other developments in the field will make iPhone security research very interesting. The fact that Apple is actively defending iPhone locking makes it a very tempting target for skilled hackers – both as worthy challenge and for bragging rights. This means that we'll probably see more details about the iPhone's internals in the future. It's already safe to say that the iPhone is probably the most well-known and understood closed system there is.

Unfortunately the amount of technical information makes it likely that sooner or later someone will misuse that information to create worm or some other malware. This will create an interesting problem for the security field as the iPhone is currently a closed system and it's not feasible to provide Anti-Virus or other third party security solutions for it.

So if someone were able to create a rapidly spreading worm on the iPhone, protecting users against it would be problematic.

Fortunately as Cabir and Commwarrior Symbian worms have proven, even mobile worms that are capable of infecting large user populations have been rather slow at spreading. Thus hopefully Apple will have enough time to react if iPhone malware appears.