iPhone app iPad app Android phone app Android tablet app More

iPhone Security Issues Reported: Germany's Security Experts Warn Of Apple iOS Malware Vulnerability

Iphone Security Issues

07/ 6/11 02:51 PM ET   AP

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy

BERLIN -- Germany's IT security agency says the software running Apple's iPhones, iPads and the iPod Touch has "critical weaknesses."

The Federal Office for Information Security said Wednesday that clicking on an infected PDF file "is sufficient to infect the mobile device with malware without the user's knowledge" on several versions of Apple's iOS operating system.

It says the same could occur when opening a website that carries an infected PDF file, possibly opening the device to criminals spying on passwords, planners, photos, text messages, e-mails and even listen in on phone conversations.

The agency says Apple Inc. has not yet offered a patch to fix the problem.

Apple Germany spokesman Georg Albrecht told The Associated Press he was aware of the warning, adding that Apple would not comment on it.

FOLLOW HUFFPOST TECH

BERLIN -- Germany's IT security agency says the software running Apple's iPhones, iPads and the iPod Touch has "critical weaknesses." The Federal Office for Information Security said Wednesday that c...
BERLIN -- Germany's IT security agency says the software running Apple's iPhones, iPads and the iPod Touch has "critical weaknesses." The Federal Office for Information Security said Wednesday that c...
Related News On Huffington Post:
 

Read more from Huffington Post bloggers:
Andrew Reinbach

Andrew Reinbach: Computer "Security"

Right now, you're sitting in front of our pact with the Devil. When you finish reading this, you will do nothing about it.

Filed by Catharine Smith  | 
 
 
  • Comments
  • 32
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
photo
LightShadow62
The answers are not found in the extremes
1132 Fans
03:54 PM on 07/07/2011
Biggest security weakness for Apple:

Users who believe the that Apple systems are immune to viruses and malware.
Permalink  |
photo
HUFFPOST SUPER USER
Temsi
Non-conformist. Is that OK?
349 Fans
03:17 PM on 07/07/2011
I've said it before and I'll say it again.
I've actually said it so often I'm now going to refer to it as Temsi's Law:

"The only secure computer is one that is turned off."

Since all smart phones are computers, they are subject to the same law.
Permalink  |
photo
bxbbrian
5 Fans
11:55 AM on 07/07/2011
http://www.youtube.com/watch?v=qZML1LzClT4&feature=channel_video_title
Permalink  |
photo
netzwerg
335 Fans
11:28 AM on 07/07/2011
Here are more details (in Klingon language): https://www.bsi.bund.de/ContentBSI/Presse/Pressemitteilungen/Presse2011/Schwachstelle-im-Apple-Betriebssystem-iOS-06072011.html
Permalink  |
photo
HUFFPOST SUPER USER
PhillyKing
110 Fans
10:31 AM on 07/07/2011
IOS, Android, WP7 and Symbian... they all have vulnerabilities... only a moron would think that in the world today, where high security banks and gov'ts get hacked on the regular, any device is foolproof... the trick is getting the manufacturers to not pretend that it's not present and play the head in the sand routine.
Permalink  |
photo
HUFFPOST SUPER USER
Dr Juan
We built America without BO
427 Fans
08:51 AM on 07/07/2011
I suppose this means we have to by yet another anti-virus program and then a firewall !
Permalink  |
photo
HUFFPOST SUPER USER
Channa
Everyone is entitled to my opinion.
1310 Fans
07:10 AM on 07/07/2011
This is very poor reporting in my opinion. I appreciate knowing that PDF files are suspect but it says, "on several versions of Apple's iOS operating system". This is useless information. WHICH versions? The newest one? If not, I can disregard the warning.
Permalink  |
Chinanski
32 Fans
04:53 AM on 07/07/2011
Easy way to protect yourselves?

Delete your Facebook and Twitter profiles.
Get rid of your mobile.
Only use the internet when really necessary and being really careful while surfing.

Tell your kids about it too.
Permalink  |
photo
Girish Nayak
0 Fans
05:47 AM on 07/07/2011
How abt adding "get home in abbottabad" :)
Permalink  |
photo
HUFFPOST SUPER USER
blyan
60 Fans
12:38 PM on 07/07/2011
... Says the guy posting in an online forum
Permalink  |
photo
HUFFPOST SUPER USER
Glamis Tom
Thanks Coachella. See you next year...
66 Fans
01:01 AM on 07/07/2011
Networked devices, with enough users, will have security issues. Get used to it.
Permalink  |
photo
HUFFPOST SUPER USER
Mydian01
two by two, hands of blue.
891 Fans
 
11:38 PM on 07/06/2011
so they put out a patch, its not like there isnt a mission critical exploit on every platform ever created.

code will always be hacked, this is why i dont jump on android and all its holes. this is why i never really poked microsoft for its swiss cheese os. this is just yawn worthy,

ill let the zealots cry like babies about how this is the end of civilization as we know it, "apple is trying to kill your childrens"
Permalink  |
photo
DracoGem
2 Fans
11:06 PM on 07/06/2011
How do we find out if our phone is being infiltrated. What signs will indicate malware exposure? Should I take off all my PDFs off my phone and scan them with my virus program on my pc?
Permalink  |
Msmit71
0 Fans
08:41 PM on 07/06/2011
The exploit (Used in Jailbreakme 3.0 to jailbreak iPads and iPhones) was released YESTERDAY. EVERY security system has flaws, it's not breaking news. Unlike Android, which has dozens of viruses which are common and easy to get (Only 4 known iOS viruses exist, all of which are rare and limited to jailbroken devices), iOS devices are incredibly secure. Jailbroken users can patch this hole, and Apple will likely release 4.3.4 to fix it soon. Please, you are blowing this out of proportion when it's not a big deal, as thousands of Android devices are infected by REAL viruses, when this isn't even harming people.

People always freak out about Safari jailbreaks because they have the POTENTIAL to be used maliciously. Guess what, they have been around for years, and there isn't a single documented malicious use of them.
Permalink  |
photo
HUFFPOST SUPER USER
CaptainObvvious
Calling me a liberal is a compliment!
1071 Fans
 
06:42 PM on 07/06/2011
"on several versions of Apple's iOS operating system."
"The agency says Apple Inc. has not yet offered a patch to fix the problem."

Does it seem strange at all that it only affects SOME versions but there is no fix for it yet? Is it a problem that existed in an older OS version, was fixed then broken again in the latest update?

I would imagine the most recent version doesn't have that problem.

If it does it needs to be fixed ASAP.
Permalink  |
nishioka
125 Fans
08:08 PM on 07/06/2011
The new jailbreak only works on iOS 4.3 and above (4.2.6 for the Verizon iPhone), which the older iPhone and iPod Touch models don't support. Specifically the original iPhone, iPhone 3G, and the first- and second-generations. That is why the jailbreak is restricted to certain versions. I'm guessing they updated their PDF rendering software for that version since that's the attack vector this time. It introduced a bug that was not present in legacy versions.

The folks who pulled it off said the same hole still exists in iOS 5, but now that Apple knows about it I doubt it'll still be there by the time it ships.
Permalink  |
photo
DRaymond
Network administrator, voiceovers
2086 Fans
11:20 PM on 07/06/2011
Yes, it is the current version.  And legit security agencies always notify the manufacturer privately some time before the announcement to give them a head start on having a solution.
Permalink  |
photo
HUFFPOST SUPER USER
blyan
60 Fans
05:27 PM on 07/06/2011
No way, a massive security hole in another one of Adobe's "standards"? Who would have ever guessed!? And they seriously wonder why Jobs doesn't want Flash on the iPhone? lol
Permalink  |
HUFFPOST SUPER USER
Silverwolf72
Are We There Yet?
301 Fans
07:15 PM on 07/06/2011
Had the same thought! Isn't this a PDF problem and not a IOs problem.
Permalink  |
obviousman88
158 Fans
08:07 PM on 07/06/2011
The hole is probably not in the standard but in Apple's PDF interface. PDF is not the same thing as Flash.
Permalink  |
photo
HUFFPOST SUPER USER
blyan
60 Fans
12:41 PM on 07/07/2011
Thanks for pointing out the obvious, obviousman. I know it's not the same thing as Flash. The point was that Adobe has a history of releasing easily exploitable code.
Permalink  |
photo
Pectin
Lie to me...
100 Fans
 
04:47 PM on 07/06/2011
If you're jailbroken, there's a fix for that.
Permalink  |
jox58
24 Fans
06:17 PM on 07/06/2011
... but nobody's checking jailbroken apps for security problems.
Permalink  |
photo
HUFFPOST SUPER USER
blyan
60 Fans
06:43 PM on 07/06/2011
Yeah, telling people to jailbreak to make their device more secure is pretty much the most asinine suggestion possible.
Permalink  |
photo
Pectin
Lie to me...
100 Fans
 
10:12 PM on 07/06/2011
Sure about that, are ya?
Permalink  |