Well known security expert H.D. Moore published entertaining article on how to make your Apple iPhone to be a hacking platform…
Having a network-enabled root shell in my pocket is great, but being able to pop a root shell on someone else’s iPhone is even better. A few things to keep in mind:
Every process runs as root. MobileSafari, MobileMail, even the Calculator, all run with full root privileges. Any security flaw in any iPhone application can lead to a complete system compromise. A rootkit takes on a whole new meaning when the attacker has access to the camera, microphone, contact list, and phone hardware. Couple this with “always-on” internet access over EDGE and you have a perfect spying device.
You could buy a laptop and use your existing smartphone as a wireless modem. Not as cool as the iPhone trick but probably more practical especially if you need to do more than a simple command.
The IT Guy,
Actually, having read Moore’s article I was amazed that iPhone’s applications are running with root privileges. It’s unacceptable from security perspective. I guess you agree with me. Now I understand why Apple tries to prevent spreading of third party or community developed applications for iPhone…
Fine work, hope to hear more from you.Are you working in a Group that you can make such a fine Blog?