In June we heard about Mactans, a malicious iPhone charger created by three security researchers from the Georgia Institute of Technology. This week the researchers presented their findings at Black Hat, an annual hacker convention in Las Vegas, and Apple officially responded to them. Here's the deal...
At this year's Black Hat USA security conference cryptographer and security researcher Karsten Nohl will be presenting his findings on SIM card insecurities. While Nohl's research revealed that about one-quarter of the tested SIM cards were vulnerable to an attack that exploits an outdated encryption standard, it's unclear at this point exactly who should be worried.
Three researchers from the Georgia Institute of Technology are scheduled to give a talk at the 2013 Black Hat security conference on iOS malware injection using malicious chargers. While the full details of the exploit won’t be revealed until the talk this July, the researchers have said that their method works on the latest version of iOS and does not require a jailbreak.
Apple gave their first ever presentation at the Black Hack conference on Thursday, and while it sounds like it didn't live up to the expectations of those unfamiliar with Apple's typical level of community engagement, it did happen. Nicole Perlroth, writing for The New York Times, reports:
Technologizer is reporting on the developing story on SMS attacks coming out of today's Black Hat Conference sessions. Seems like while the iPhone is grabbing a lot of attention, almost all GSM phones are said to be vulnerable. Basically, they get around the anti-spoofing security and send data designed to get access and take control of the phone.
The Jailbreak and Unlock wizards behind the iPhone DevTeam are off to DEFCON 17, the security/hacking convention that juxtaposes Black Hat 2009, and have provided a set of tips to help those at the conferences (or anywhere really) avoid getting their iPhone hacked into. The tips are really targeted at Jailbroken iPhones, but some cross over to regular iPhone users as well.