How long until the first iPhone botnet?
like many we are eagerly anticipating the release of the new iPhone by Apple on the 29th of June. The presentation is beautiful and the usability features and functions of the phone far and away surpass the competition. It’s truly a beautiful piece of equipment, and I can’t wait to see it in action.
Anyway, last week Steve Jobs announced that Apple will be allowing other companies to write applications for the iPhone through the Safari web browser.
Let the malware race begin!
David Maynor (of the Macbook compromise debacle at the Blackhat conference in 2006. He has since apologized) has stated that he already has identified several bugs within Safari which will allow for remote code execution. Since he does not yet have an iPhone though he doesn’t yet know how well, if at all, his findings will pan out into anything significant.
Whether or not you believe Maynor or whether you believe he is credible the proof of concept is sound in that by allowing third party applications to be built for the iPhone, Apple has opened the door for hackers to race to create the first, biggest, and best iPhone botnets. It’ll only be a matter of time before we are actively using terms like PhoneBot or iBot to discuss the state of our shiny, new iPhones.
