Get Better Gear!

Premier Sponsors

TechRestore

Other World Computing

Top 5 Free Apps

Release Date: August 05, 2009
Genre: Games
Release Date: May 22, 2009
Genre: Games
Release Date: August 29, 2009
Genre: Games
Release Date: March 27, 2009
Release Date: August 07, 2009

iTunes New Music Releases

Release Date: September 29, 2009
Genre: Rock
Release Date: September 20, 2009
Release Date: September 15, 2009
Release Date: August 25, 2009
Genre: Rock
Release Date: August 25, 2009

Top 5 Paid Apps

Release Date: April 22, 2009
StickWars $0.99
Release Date: March 31, 2009
Genre: Games
Bloons $0.99
Release Date: April 05, 2009
Genre: Games

Discover New Music

  • Pressure Chief

    • 6 out of 10
    • Cake
    • Pressure Chief, Cake's latest album, didn't immediately grab me. In fact, it took perhaps half a dozen listens before I started truly enjoying it. Any

  • Velocifero

    • 6 out of 10
    • Ladytron
    • "Back to the future" isn't the right turn of phrase for Ladytron's newest album,

  • Supernature

    • 10 out of 10
    • Goldfrapp
    • On their latest CD, Supernature, Goldfrapp has put together a successful mix of 1980-era New Romanticism, German cabaret, and T. Rex glam that leaves you riveted even through the album's lulls. It's a great amalgam that sounds current without sounding at all dated.

  • Quadrophenia

    • 10 out of 10
    • The Who
    • Quadrophenia is everything that Tommy wanted to be, a rock opera that told a story, but one where every song could still stand alone. It was also Pete Townshend's farewell tribute to the Mod

  • The Stooges

    • 8 out of 10
    • The Stooges
    • Another pillar of my musical foundations, The Stooges' first album is one those records whose influence far outweighed its popularity. Like The Velvet Underground & Nico, hordes of people wh

Reader Specials

Visit Deals On The Web for the best deals on all consumer electronics, iPods, and more!

News

Safari Exploit Allows Hacker to Call 1-900 Numbers

An exploit has been discovered in the Safari Web browser on iPhone that could allow a maliciously-crafted Web page take control of your iPhone and force it to dial any phone number, for instance a nice, expensive 1-900 number that could cost the user dearly.

The exploit was discovered by the Institute for Fraunhofer for Safe Information Technology (SIT) in Germany last month. According to the SIT, they immediately informed Apple, and a fix will be released on November 21st, 2008. Apple’s usual corporate policy is to not announce or discuss vulnerabilities until they release a patch.

The exploit involves tricking an iPhone user into clicking on a link, say in piece of e-mail, an SMS text message, or even from another Web page. That link would take the user to a Web page with as few as three lines of code that trigger the exploit. The iPhone’s screen then blanks out, a dialog that can’t be interacted with shows that the phone is dialing, and the deed is done.

SIT has posted a video demonstration of the exploit that merely dials another cell phone sitting next to the iPhone. Any number could be dialed, but a 1-900 number would be a likely choice for hackers, as it would allow them collect money merely by having received the call at their 1-900 "service."

SIT’s announcement was first reported by German magazine Der Spiegel, and pointed out to us by Matthis Drolet (thanks for the head sup, Matthis!) SIT released the following images demonstrating the process:


The bad guy sends an e-mail or SMS text message with a URL


The iPhone switches over to Safari, and shows (in this case) what looks like a blank page


Surprise! Your iPhone is dialing a number!


Now your iPhone appears to be locked up while the call goes through...

Post Your Comments

  Remember Me  Forgot your password?

Not a member? Register now. You can post comments without logging in, but they'll show up as a "guest" post.

Commenting is not available in this section entry.