A flaw in iOS will be repaired with the first released build of iOS 7, Apple said on Wednesday. The security exploit allows hackers to break into and spy on an Apple iPhone or Apple iPad that is connected to a computer disguised as a charging dock. The security flaw was demonstrated on Wednesday at the Black Hat hacking convention in Las Vegas, as an iPhone was connected into a custom built recharging station that included a tiny Linux computer. The whole thing cost all of $45 to make. The station was designed to send a virus into the connected iPhone and force it to call the phone of one of the developers. Needless to say, it worked.
In a real-life situation, the virus could have commanded the iPhone to take screen shots of credit card numbers or banking PIN numbers. Emails, contact info and other sensitive information could be spied on, and the location of the phone's owner could be obtained. Billy Lau, a research scientist at the Georgia Institute of Technology, called this "white hat" hacking when pros hack to show off potential security problems so that they can be repaired. Lau says that Android models are not vulnerable to the same attack
because of a warning that users receive if their Android flavored device is plugged into a computer.
In iOS 7, a similar pop up message to the one used in Android, will show up in this situation stating that the phone is connected to a computer, not a charger.
source:
Reuters
