iPhone PDF vulnerability

[Chibibar]

BBC News - iPhone at risk from security flaw

Now that is funny. There is a possible security flaw via PDF reader in Safari on iPhone. The current fix? (well the fix before Apple can issue a fix) is to jailbreak the phone and install an app that will warn you before opening it.

Sadly, this flaw is on all Apple mobile devices that use Safari

 

[Seraphyn]

It's the first thing everyone thought about when the new jailbreakme hit. Just visiting certain sites makes your device vulnerable to this exploit and really, it's just a matter of time till someone does something with it if it's not fixed soon.

 

[Chibibar]

It's the first thing everyone thought about when the new jailbreakme hit. Just visiting certain sites makes your device vulnerable to this exploit and really, it's just a matter of time till someone does something with it if it's not fixed soon.

Yea. consider that PDF is very popular internet document format I can see this happening.

 

[Shakey]

When I worked for an ISP/phone company doing dialup support I remember dealing with people who got viruses that dialed porn lines or long distance and racked up huge phone bills. DSL pretty much wiped that scam out. I have no doubt with all the smart phones being sold it's just a matter of time before it comes back again.

 

[drifter]

When I worked for an ISP/phone company doing dialup support I remember dealing with people who got viruses that dialed porn lines or long distance and racked up huge phone bills. DSL pretty much wiped that scam out. I have no doubt with all the smart phones being sold it's just a matter of time before it comes back again.

It already has, although I don't have any idea how extensive it is.

 

[Shakey]

I know I've seen where different security companies have demonstrated making calls and sending text messages, but I haven't heard of any actual outbreaks yet.

 

[drifter]

Hmm, might be my mistake. I read about it a while ago, I easily could be misremembering the details.

-edit-

Looks like it's out in the wild, but still uncommon.
ITManagerDaily.com » Blog Archive » Smartphone malware can automatically make expensive calls
Beware - Java Dialers that affect mobile bills - CA Security Advisor Research Blog

 

[Necronic]

Yes.....it was a virus..... <.< >.>

 

[Shakey]

I remember reading about that second one. I'm always a bit skeptical when security companies come out with stuff like that. They are all trying to sell something, so they have an incentive to exaggerate about how wide spread it is. I'll believe it's a big problem when we actually hear about large outbreaks. With Flash coming to a lot if the newer phones, it may not be far off.

It was always funny when people called in with those charges. If it was the first time, we'd usually offer to drop some of the charges if they were willing to block 900 numbers and numbers to foreign countries that are known to be fraud targets. Sometimes you'd get the "Well, maybe I'll just pay the charges...".