http://blog.wired.com/27bstroke6/2007/06/security_reseac.html By Ryan Singel June 13, 2007 Like many geeks, security researcher David Maynor is eager to get his hands on an iPhone. Unlike many geeks, Maynor also has harsh feelings about the Think Different company and what he says is an undisclosed vulnerability in Apple's Safari browser that he hopes will let him hack into the hugely anticipated device. After Apple released the beta version of Maynor took a whack at Apple's Safari browser for Windows using fairly easily available bug-finding tools and says he found six bugs in a day. Maynor says one of them allows him to execute code remotely and he's "weaponized" it, according to his blog. "One of the six is robust. I'm going to work on better remote execution and then wait for the iPhone," Maynor told THREAT LEVEL today as part of an interview for a Wired News story running Thursday. "Everyone I know is eager to hack the iPhone. Maybe that would actually break into it." "I'm going to the first in line," he added later, saying that after Apple CEO Steve Jobs announced that developers can write apps for the iPhone through Safari, "it's going to be a free-for-all." For for those who don't know, Maynor and Apple are not friends. Far from it. He refuses to report bugs to Apple following an incident last summer when he divulged a wireless driver bug to Apple. He later demoed an exploit on a non-Apple wireless adapter in a video to a conference. Apple then tried to make him say the code wouldn't work on a MacBook and denied he provided Apple with enough info for them to find the bug. Mac backers accused Maynard and security journalist Brian Krebs of overblowing the situation. Apple later patched the bug with no mention of Maynard. While Maynard was not able to reveal emails he sent from his employer at the time, he was largely vindicated when he released some emails to and from Apple in a later presentation, though he did apologize for the manner in which he publicized the exploit. It was an ugly fight, and now Maynor may be holding a zero-day exploit for the iPhone. He's certainly not going to let it loose in the wilds, but if you were an Apple engineer, wouldn't you have nightmares about that very possibility? I mean what malicious hacker wouldn't want to be the first to control an iPhone botnet? _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Wed Jun 13 2007 - 22:25:06 PDT