Earlier today we mentioned that the iOS hacker, i0n1c, stated that he was going to wait until iOS 4.3.1 to release his jailbreak. This comes in wake of the events that took place in Canada at this years Pwn2Own contest. Of large interest to hackers and corporations alike, thousands turn out to witness the latest in cyber security fraud.
The name of the game is Pwn2Own, meaning if you are the fastest to hack it, you get it. These devices range from Blackberrys and iPhones, to MacBooks and laptops. Google was even on hand with a $20,000 reward to anyone who could hack their Chrome software. But day 2 was all about the iPhone 4, and was once again exploited by security expert, Charlie Miller…
Done through Safari, the exploit targets the iPhone 4 with a rigged website. Miller's first attempt at the hack failed, causing the iPhone browser to crash. But once it was relaunched, Charlie was able to hijack the entire address book.
It is important to note that the iPhone 4 was running firmware 4.2.1, since 4.3 just went live this week. Although Miller's Safari exploit still exists in 4.3, Apple's new ASLR feature would have to be bypassed to make it work. This new layer of security seems to have hackers a bit baffled.
But the day belongs to Charlie Miller, and wherever he is with his new iPhone 4 and $15,000 prize money, we salute him.
No comments:
Post a Comment