iOS security researcher Pod2G has found a flaw in iOS messaging system for which hackers or thieves could access your personal information. If you're an iPhone owner, then you should be careful before responding to any text messages.

What are you thinking?

View Results

Loading ... Loading ...
1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...Loading...

If you’re an iPhone owner, then you should be careful before responding to any text messages. French jailbreak developer and iOS security researcher Pod2G has found a flaw in iOS messaging system for which hackers or thieves could access your personal information. The flaw involves a malicious party spoofing the “reply” to number. According to Pod2G, this flaw is present in all versions of iOS up to and including the latest iOS 6 beta 4.


When a user writes a message, the mobile converts the message into Protocol Description Unit (PDU). PDU is a protocol that handles the sending and receiving of various types of messages in mobile devices. As soon as the sender sends the message, the mobile passes the converted message to the baseband for delivery. On the other side, there is a section called User Data Header (UDH) in the text payload which defines a lot of advanced features. One of these options enables the user to change the reply address of the text from the original one. In fact, the message header as well as the email header can be exploited since carriers don’t check for the validity of this information when used by third-parties.

According to the analysis of Pod2G, not only the iPhone but also there are some other phones that are compatible with a number of advanced SMS functions which can be enabled if a hacker tinkers with the UDH (User Data Header) section of a text message. It means, if the destination mobile is compatible with UDH, and if the receiver tries to reply to that text, then the message receiver will not respond to the original number, but to the specified one.

Here are some examples of Apple iOS flaw:

  • Pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website. [Phishing]
  • One could send a spoofed message to your device and use it as a false evidence.
  • Anything you can imagine that could be utilized to manipulate people, letting them trust somebody or some organization texted them.

As Apple is using the reply-to address of a message’s User Data Header (UDH) to identify the origin rather than the raw source, so iPhone users can be circumvented if they don’t check this part of the message. Though it has been mentioned that iPhone will bring a proof of concept messaging tool soon, but Pod2G is pushing for an official solution before the next iOS version launches.

So for your precaution, we advice you not to believe any SMS that you receive on your iPhone from now on at first sight. The right way of replying a message would be message recipient should see both the original and reply-to addresses. By doing so, the replier will know which number has sent the message, and which number will receive the message once he/she replies. If you want to know more about it, you can read the detailed explanation of iOS text spoofing issue at Pod2G’s iOS blog.

Source : Pod2G’s iOS Blog
Thanks To : Jailbreak Squad

Buy Cheapest Related Product From Amazon.com


Demonoid Domain Sales Thwarted

Microthrusters Developed At MIT Could Propel Satellites
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On August 19, 2012(2 years, 1 month ago.)

Recent Products

Buy Now | Compare  
Buy Now | Compare  
Buy Now | Compare  
Buy Now | Compare  
Compare  

What Do You Think?

Loading Disqus Comments ...
Loading Facebook Comments ...

Recent Search

Recent Tutorials

Apple has published a new guide detailing how Android users will be able to switch their contents from Android to iPhone.
The trick will let you to check your Facebook messages in the original app without downloading Messenger and it works with both iPhone or Android phone.
Want to block all disgusting ads from your android device? Read the tutorial to know how you can block ads on your Android and save data.
Want to repair your memory card? It's very easy to fix corrupted or damaged memory card. In fact you can fix it by yourself.
Are you the one who is frustrated because of the speed of your Android device? No worries, the article will help you increase the speed of that device.
Lately, Google has updated its Google Docs. Now users can crop, rotate, and add borders to images in a document without leaving Google Docs.
Adobe CS products are not free, but the good news is you can now download Photoshop CS2 & all other CS2 product completely free and it's absolutely legal.
At the beginning level, many people don't know how to use Gmail properly. For them, a here's a helpful guideline.
Skype now allows you to call directly from your Outlook account. Find the step-by-step installation process from this tutorial.
This tutorial helps you quickly resolve four of the most common problems that occur with Windows XP.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook