“A rootkit takes on a whole new meaning when the attacker has access to the camera, microphone, contact list, and phone hardware,” renowned hacker HD Moore said regarding a security vulnerability in Apple’s iPhone. “Couple this with ‘always-on’ Internet access over EDGE and you have a perfect spying device,” he added.
Hackers intent on unlocking Apple’s iPhone for use with carriers other than AT&T — and for using third-party applications — exploited a bug in the device’s handling of TIFF images. But that same bug can be used for far more nefarious exploits, renowned hacker HD Moore reported on his Web site, The Metasploit.
Moore posted to the site an exploit that would allow a hacker to insert malicious code onto someone’s iPhone to access the device’s data. Because the flawed TIFF library is used by the iPhone’s Web browser, e-mail program, and iTunes software and because all of those programs run as root processes — one of the iPhone’s undocumented "features" is a gaping security hole.
NewsFactor Network | Expert Calls Apple’s iPhone ‘Perfect Spying Device’