ShmooCon | Your iPhone's Dirty Little Security Secret
Just how easy is it for the bad guys to use your iPhone against you? Well, pretty easy. Trevor Hawthorn explains what to do about it.
By Bill Brenner , Senior Editor
February 06, 2010 — CSO —
WASHINGTON D.C. -- We've heard much about how our PCs and laptops can be compromised through malware and insecure wireless access points and often comfort ourselves with the knowledge that our smart phones are safe from such things.
But the smarter these phones become, the more susceptible they become to those same dangers, and more. That was the warning at ShmooCon 2010 this morning from Trevor Hawthorn, founder and managing principal at Stratum Security.
"The old smart phone wisdom in terms of security best practices was that you simply needed to wipe the devices of all your data before selling them on eBay," he said. "Today, you can use them to access the company VPN and Outlook, so the dangers are much more in line with those of PCs and laptops."
Hawthorn discussed security holes (since fixed) found in AT&T's network, which Apple's iPhone uses, and how an epidemic of "jailbreaking" is disabling critical security controls on the device.
Jailbreaking is a process iPhone and iPod Touch users can exploit to run whatever code they want on the device, whether it's authorized by Apple or not. Jailbreaking the phone allows you to download a variety of apps you couldn't get in the Apple App Store.
For those who hate Apple's heavy hand and welcome any method to thumb a nose at the company's decrees, jailbreaking is very attractive. But there's a problem, Hawthorn said. A big one.
"Jailbreaking wipes away 80 percent of the iPhone's security controls," he said. "Since nearly 7 percent of all iPhones are jailbroken," the bad guys have plenty of targets to choose from.
And target they have.
Exhibit A is the iKee worm. According to an earlier analysis from security vendor Sophos, Apple iPhone owners in Australia were infected by a worm that changed their wallpaper to an image of 1980s pop crooner Rick Astley. "The worm, which could have spread to other countries although we have no confirmed reports outside Australia, is capable of breaking into jailbroken iPhones if their owners have not changed the default password after installing SSH," Sophos Senior security Consultant Graham Cluley wrote. "Once in place, the worm appears to attempt to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again On each installation, the worm - written by a hacker calling themselves "ikex" - changes the lock background wallpaper to an image of Rick Astley with the message: 'iKee is never going to give you up.'"