The CanSecWest security conference is an annual affair in Canada that focuses on applied digital security issues.
One of the popular events at the conference over the years has been Pwn2Own, a contest that challenges security experts to exploit vulnerabilities in mobile phones and operating systems for cash rewards totalling over US $100,000.
As part of the contest, participants will look to target smartphones running on iPhone OS, Blackberry OS, Symbian or Android and make use of vulnerabilities in parsing media, dynamic web content, email and other client side issues to successfully exploit the OS. While the iPhone is known to be quite secure, security researcher and Pwn2Own contest organizer Aaron Portnoy however feels that the iPhone could be the device that could end up as the most vulnerable target among the mobile phone platforms in the contest this year. He says:
"With all the recent research on mobile phone security being presented worldwide, these devices are quickly becoming a ripe target. First to fall: the iPhone."
Mac OS X expert Charlie Miller concurs with Portnoy. He says that while the iPhone OS is pretty tough to exploit, it is pretty similar to the Mac OS X from an exploitation perspective. Miller concedes that a few participants at Pwn2Own are already aware of certain exploits that they could intend to use on the iPhone. However, he concedes that it may not be an easy task. Miller says:
"There isn't as much exposed code on the iPhone. The easy to exploit bugs I know about happen to live in the code that Safari has but Mobile Safari doesn't. In real life the iPhone is harder because you can't just execute a shell. You have to write your return-oriented payload to do all your dirty work, which can be a pain."
Despite the ever increasing popularity of the platform, there have not been any major security breaches with the OS so far. Having said that, it will be interesting to see if any of the participants at Pwn2Own actually become successful in exploiting the iPhone. Do you think iPhone will be the first to fall at the contest?
[via Ars Technica]
Who cares where is the new jailbreak!!
come one unlock 3.1.3 !!!!!!!!!!!!!!
they will try harder on the iPhone cause its the number one smartphone on the market so u can get to more people if u attempt the iphone however I dont think it will be the first to fall
actually iphone isint No. 1. Nokia is 1st in mobile sales. But anyway hope this has nothing to do with baseband unlocking, as if some participant may find the same exploits as dev team's and all this waiting as not to waste an exploit would go to waste…
@Ques
Actually Ques, the iPhone is the number one single selling smartphone on the market. Nokia has the most mobile phone sales total and that's quite understandable when looking at the breadth of their products. It isn't that impressive when Apple only makes a single smartphone and can outsell any company's number one phone.
Exactly he's is an idiot who thinks he's not. The worst kind!
That is a lame trap for APPLE to close all possibilities to Hack the iphone. How else would you tempt hackers to show off. APPLE wants to know, so they can guarantee APPSTORE to be a safe place for people to drop their software and make money. Otherwise who will create APP to see it given away? APPLE needs APPSTORE to be reliable source of income, for both the user and APPLE. Can you blame them for that? I am 100% for Jailbreak and I love APPLE, how do we get a WIN-WIN situation?
there no such thing as something thats not hackable…or would have been done already. thats like making something that cant be broken. if you can make it, you can break it. the app store is nothing….you do know these are the peole who created the ipod….
@Ques
you're an idiot, you can't compare nokia's sales as a whole to apple's. We're talking about SMARTPHONES, not everything under the sun.
is there any news on how to jailbreak 3.1.3 on iPhone 3GS on the new iBoot?