iPhone gets iPwned{4}

by Kevin Q
The article I read about was quite short but interesting nonetheless. I was about a yearly competition that is held called the Pwn2Own, which is a hacking competition in which teams of people compete to hack systems and devices. With the growth in popularity of smart phones, Vincenzo Iozzo and Ralf-Philipp Weinmann set there sight on hacking the infamous iPhone. By simply visiting a malicious website that they had setup, the iPhone with no user input, had its entire SMS database stolen without consent. The entire SMS database on smart phones would include text messages, picture messages, contacts, emails and more. It only took 20 seconds to lift all that data from the iPhone, and Apple was gladly ready to award the $15k reward in order to study these two hackers exploitative findings. The previous year smart phones did not recieve any malicious harm, so it was somewhat of a thrill at the competition to see the first successful hacking.

This article is neat because I think it is a smart move by companies to have these kind of competitions or similar events to test your hardware and or software against some of the brightest people. Google recently did the same thing with their browser Chrome in which they offered $60,000 to anyone who could hack it, thus giving Google and other companies alike the chance to reassess their product. The fact that the iPhones entire SMS database was stolen in 20 secs is crazy, granted its not as large as company databases…but still it can have extremely sensitive information within. Hopefully this model with continue to flourish, so that both sides can be happy.


Source: Hollister, Sean. (2010, March 25) iPhone SMS database Hacked in 20 Seconds, News at 11. Engadget.com. Retrieved from : http://www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-at-11/