Safari Exploit Allows Hacker to Call 1-900 Numbers
Wednesday, November 19th, 2008 at 3:00 PM - by Bryan Chaffin
An exploit has been discovered in the Safari Web browser on iPhone that could allow a maliciously-crafted Web page to take control of your iPhone and force it to dial any phone number, for instance a nice, expensive 1-900 number that could cost the user dearly.
The exploit was discovered by the Institute for Fraunhofer for Safe Information Technology (SIT) in Germany last month. According to the SIT, they immediately informed Apple, and a fix will be released on November 21st, 2008. Apple's usual corporate policy is to not announce or discuss vulnerabilities until they release a patch.
The exploit involves tricking an iPhone user into clicking on a link, say in a piece of e-mail, an SMS text message, or even from another Web page. That link would take the user to a Web page with as few as three lines of code that trigger the exploit. The iPhone's screen then blanks out, a dialog that can't be interacted with shows that the phone is dialing, and the deed is done.
SIT has posted a video demonstration of the exploit that merely dials another cell phone sitting next to the iPhone. Any number could be dialed, but a 1-900 number would be a likely choice for hackers, as it would allow them to collect money merely by having received the call at their 1-900 "service."
SIT's announcement was first reported by German magazine Der Spiegel, and pointed out to us by Matthis Drolet (thanks for the heads up, Matthis!). SIT released the following images demonstrating the process:

The bad guy sends an e-mail or SMS text message with a URL

The iPhone switches over to Safari, and shows (in this case) what looks like a blank page

Surprise! Your iPhone is dialing a number!

Now your iPhone appears to be locked up while the call goes through...