Thursday, 1 August 2013

Apple to fix bug that allows fake chargers to hack iPhones: Reuters

Apple is reportedly going to release a software update for iOS that will fix a bug that allows fake chargers to hack and snoop on iOS device owners according to a report by Reuters. As of now, all iOS powered devices – the iPhone, iPod touch and the iPad are vulnerable till Apple releases iOS 7, which is expected sometime later in the year. Apple claims that the issue has been resolved in the latest beta of iOS 7, but it is only available to people who have Apple developer accounts.

Three computer scientists alerted Apple to the issue and even demonstrated the problem at a Black Hat security convention in Las Vegas earlier in the year. In the demonstration they plugged an iPhone into a custom build charger that integrated a tiny Linux computer that was designed to attack the device. Then the charger infected the phone with a computer virus that had been programmed to dial the phone.
According to the scientists, in the real world, hackers could theoretically build viruses that would give them remote access over the device. In the process, they could take screenshots, steal banking passwords and credit card numbers. They could also access emails, messages, contacts or even track the location of the handset. Essentially, a hacker, could turn a iOS powered product into a spying tool.

In comparison, Google’s Android operating system does not suffer from the problem, because it gives the user a warning when a device is plugged into a computer, even if it’s posing as a charging station. Once iOS 7 is released publicly, a message will pop up notifying the user that they are connected to a computer and not an ordinary charger.