Get our new Windows 7 eBook (PDF) for $7 with 70+ Tips. Download Now!
Apple iPhone Browser Dialing A Security Risk?
- 0
- Add a Comment
- No Related Post
A security research firm is warning that using the Apple iPhone’s Safari web browser to dial phone numbers displayed on web pages by tapping the number allegedly could be exploited by attackers.
The attacks may include:
- Redirecting phone calls placed by the user to different phone numbers of the attacker’s choosing
- Tracking phone calls placed by the user
- Manipulating the phone to place a call without the user accepting the confirmation dialog
- Placing the phone into an infinite loop of attempting calls, through which the only escape is to turn off the phone
- Preventing the phone from dialing
These types of attacks can be launched from a malicious website, from a legitimate website that has Cross-Site Scripting vulnerabilities, or as part of a payload of a web application worm.
SPI Labs reports that they let Apple know about the potential problems on July 6. As of this post, there is still no fix other than not using the browser dialing feature.
[SPI Labs advises avoiding iPhone feature]
[tags]apple, iphone, at&t, t, aapl, at&t wireless[/tags]
