Apple has patched a flaw in the iPhone that makes it vulnerable to being hacked by a text message.
Charlie Miller, security researcher at Independent Security Evaluators described on Thursday how he could take over an iPhone with a single text message. He made the disclosure at the Black Hat security conference in Las Vegas.
In an interview yesterday evening, Miller told me he told Apple about the flaw six weeks ago, but he didn’t get a sense that they were moving quickly. But after his final talk on Thursday, I watched as Apple security experts approached Miller. They asked him if they could quickly test the patch they had created in response to his talk. They needed details on the hack in order to be able to properly test whether their fix for the flaw would truly work.
Miller agreed to offer his help, and he joked, “I expect free lifetime service from AT&T.” The Apple guys laughed. Miller believed it wouldn’t be that hard to patch the system against his potential attack.
The AI Impact Tour
Connect with the enterprise AI community at VentureBeat’s AI Impact Tour coming to a city near you!
Today, the BBC is reporting that O2, a phone carrier in the United Kingdom, says Apple will deploy a patch on Saturday in networks in the United Kingdom. Miller and colleague Collin Mulliner found they could create a text message that could run unfiltered through a text message processing center and be routed to any phone. They could use it to turn an iPhone off every 10 seconds, rendering it useless or allowing it to be compromised.
[Update: A variety of sources, including Miller, now report the update is available on iTunes now.]
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.