iPhone SMS database hacked in 20 seconds, news at 11 originally appeared on Engadget on Thu, 25 Mar 2010 02:36:00 EST. Please see our terms for use of feeds.
Thursday, March 25, 2010
a story tailor-made for the fear-mongering subset of news media. This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and -- with no other input from the user -- stole the phone's entire database of sent, received and even deleted text messages in under 20 seconds, boasting that they could easily lift personal contacts, emails and your naughty, naughty photos as well. Thankfully for us level-headed souls, those gentlemen were Vincenzo Iozzo and Ralf-Philipp Weinmann, security researchers performing for the 2010 Pwn2Own hacking contest, and their $15,000 first prize ensures that the winning formula will go to Apple (and only Apple) for further study. Last year, smartphones emerged from Pwn2Own unscathed even as their desktop counterparts took a beating, but this makes the third year in a row that Safari's gotten its host machines pwned. That said, there's no need for fear -- just a healthy reminder that the Apple logo doesn't give you free license to click links in those oh-so-tempting "beta-test the new iPad!" emails.