Crashing The iPhone

[InfoSec News <alerts () infosecnews org>]

http://www.forbes.com/technology/2008/11/03/apple-iphone-bug-tech-security-cz_tb_1103iphone.html

By Taylor Buley 
Security
Forbes.com
11.03.08

Burlingame, Calif. - Italian systems engineer Piergiorgio Zambrini won 
fame and money last year when he created "Ziphone," the first widespread 
application that unlocked iPhones to run on mobile carriers other than 
AT&T. Now he's making another bid for the spotlight by revealing a bug 
that can crash the iPhone and, he says, other devices including iPods 
and Apple computers.

Zambrini planned to publish news about the bug Monday--although he's 
saving the technical details for Apple (nasdaq: AAPL - news - people ), 
he says--at least for now.

The 38-year-old security expert praises Apple's marketing prowess and 
calls Steve Jobs a genius. But there are chinks in Apple's software--and 
Zambrini is determined to uncover them.

The bug Zambrini found is in the audio portion of Apple's video format. 
Knowing the bug exists, someone could write a program that incorporates 
the bug into a video file and trigger a crash whenever an iPhone 
attempts to run that file. The bug, which is located in a shared code 
library that is used across most Apple operating systems and some Linux 
ones as well, doesn't appear to cause any permanent damage, but 
immediately sends the device into a panic that leads to a lengthy 
reboot.

Forbes.com has confirmed that it crashes the latest generation of 
iPhones. Zambrini asserts it can take down any Apple iPod or iPhone, 
too.

[...]


______________________________________________      
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org