On the second day of the pwn2own competition in Vancouver B.C., hackers took to their devices and showed off what they have secretly been working on. After a successful first day, where we saw Safari running on Snow Leopard and Internet Explorer 8 running on Windows 7 SP1, now the focus turned to the iPhone 4 and iPad.
ZDnet met up with Charlie Miller, the hacker who managed to steal contacts from the iPhone's phone book using a flaw in the mobile version of Safari. Miller managed to bypass the iPhone's DEP (Data Execution Prevention) to gain access to a users contacts, but only after the Safari browser crashed once.
The iPhone 4 was running iOS 4.2.1, but Miller said the exploit will fail against iOS 4.3, the latest firmware update for iDevices. Miller said that the exploit still exists in iOS 4.3, but Apple has added ASLR (Address Space Layout Randomization) to the latest firmware update, adding another roadblock for hackers to bypass.
This isn't the first time Miller has successfully managed to hack an iPhone; back in 2007, Miller managed to hack into the iPhone 2G. In 2009, Miller was able to create a script that read entire chatlogs of your SMS messages, address book, call history and voicemail data.
Next up, is the BlackBerry, Samsung Nexus S, and Dell Venue Pro 7. GeoHot was originally supposed to show to help crack the Dell Venue Pro 7, but backed out last minute to help focus on his court case with Sony.
50 Comments - Add comment