Thread: SMS Spoofing Vulnerability Discovered in iOS Platform by pod2g

  1. #1
    MMi Staff Writer Akshay Masand's Avatar
    Join Date
    Sep 2011
    Location
    New York City
    Posts
    3,889
    Thanks
    3
    Thanked 122 Times in 107 Posts

    SMS Spoofing Vulnerability Discovered in iOS Platform by pod2g


    The popular iOS hacker and security researcher, pod2g, recently revealed a newly-discovered security issue that is found in all versions of iOS. The security issue could allow malicious parties to spoof SMS messages, making the recipient think that a message came from a trusted sender, when it in fact did not. The issue is related to iOS’ handling of User Data Header (UDH) information, an optional section of a text payload that allows users to specify certain information such as changing the reply-to number on a message to a different number. The iPhone’s handling of this optional information could leave recipients open to targeted SMS spoofing attacks. Pod2g mentioned the following regarding the vulnerability:

    In the text payload, a section called UDH (User Data Header) is optional but defines lot of advanced features not all mobiles are compatible with. One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer to the text, he will not respond to the original number, but to the specified one.

    Most carriers don't check this part of the message, which means one can write whatever he wants in this section : a special number like 911, or the number of somebody else.

    In a good implementation of this feature, the receiver would see the original phone number and the reply-to one. On iPhone, when you see the message, it seems to come from the reply-to number, and you [lose] track of the origin.

    There are several ways malicious parties could take advantage of this vulnerability ranging from phishing attempts linking users to sites collecting personal information or spoofing messages for the purpose of creating false evidence. In many cases, the malicious party would need to know the name and number of a trusted contact of the recipient in order for their efforts to be effective, but the example shows how malicious parties could cause harm to innocent consumers. One way to currently discover or prevent becoming a victim would be to reply to any suspicious message as the return message would go to the familiar contact rather than the malicious one. That being said, doing so would only be a temporary solution to make sure someone isn't spoofing texts.

    The issue is still an important one and pod2g is trying to bring this to the attention of Apple in hopes of having the Cupertino, California company patch the flaw in their mobile operating system.

    Source: pod2g (blog)

    Twitter: @AkshayMasand

  2. #2
    iPhone? More like MyPhone Colin9001's Avatar
    Join Date
    Jan 2011
    Location
    New York
    Posts
    170
    Thanks
    0
    Thanked 9 Times in 9 Posts

    LOLOL. Apple probably hates Pod2G.

  3. #3
    huh? wiipro's Avatar
    Join Date
    Jul 2012
    Location
    Tuscaloosa, AL
    Posts
    180
    Thanks
    25
    Thanked 9 Times in 7 Posts

    Wow

    *breathless*

  4. #4
    Green Apple
    Join Date
    Dec 2010
    Posts
    32
    Thanks
    0
    Thanked 5 Times in 2 Posts

    Quote Originally Posted by Colin9001 View Post
    LOLOL. Apple probably hates Pod2G.
    Actually, this is the reason why Apple should love pod2g. This is exactly what security researchers do. They usually do it in a private manner to Apple themselves but he felt this urgent enough to make public.

  5. #5
    Banned
    Join Date
    May 2008
    Location
    In the shadows
    Posts
    798
    Thanks
    120
    Thanked 74 Times in 47 Posts

    Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
    They think their systems are unhackable and virus proof but they are way off.

  6. #6
    Green Apple
    Join Date
    Jun 2012
    Posts
    73
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Quote Originally Posted by NakedFaerie View Post
    Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
    They think their systems are unhackable and virus proof but they are way off.
    They are not stupid. There is no way they really think their systems are immune to viruses. They are simply making use of a statistical fact in their favor on the surface and hope it attracts more customers. Internally they definitely know the technical reality.

  7. #7
    Livin the iPhone Life iNT3Rv3NTiONZz's Avatar
    Join Date
    Feb 2010
    Location
    Cambridge, U.K
    Posts
    1,512
    Thanks
    57
    Thanked 123 Times in 101 Posts

    Quote Originally Posted by Colin9001 View Post
    LOLOL. Apple probably hates Pod2G.
    Hate him? Did you read the article? They can't thank him enough for finding a security flaw, which they can now fix, thus making iOS even more secure. You mad bro?

    iPhone4 16gb black - 4.1 Limera1ned
    iPhone 3G 16gb white - 3.1.2 jailbroken
    Blackra1ned
    THANKYOU ONCE AGAIN GEOHOT!

  8. #8
    Starbucks Artist mmaboi21's Avatar
    Join Date
    Jan 2011
    Location
    Bakersfield CA.
    Posts
    2,402
    Thanks
    162
    Thanked 207 Times in 160 Posts

    Great advertisement for people wanting to jack my phone up.

  9. #9
    Green Apple
    Join Date
    Aug 2012
    Posts
    45
    Thanks
    0
    Thanked 1 Time in 1 Post

    The funny thing is that nobody thinks it could possibly be there on purpose. Patriot Act? Has anyone checked Android, Blackberry, WP7? Maybe they need to redirect some messages to their server, where they scan for potentially threatening messages or signs of terrorism, and if clean they just re-spoof and send it to the original recipient. Just a thought

  10. #10
    H4CK3R's Avatar
    Join Date
    Jan 2012
    Location
    java.lang.IllegalStateException: Location unknown.
    Posts
    5,832
    Thanks
    63
    Thanked 264 Times in 253 Posts

    Quote Originally Posted by Micturition View Post
    The funny thing is that nobody thinks it could possibly be there on purpose. Patriot Act? Has anyone checked Android, Blackberry, WP7? Maybe they need to redirect some messages to their server, where they scan for potentially threatening messages or signs of terrorism, and if clean they just re-spoof and send it to the original recipient. Just a thought
    I doubt it, probably just another one of Apple's mistakes in the software.
    Great minds discuss ideas.
    Average minds discuss events.
    Small minds discuss people.

  11. #11
    iPhone? More like MyPhone
    Join Date
    Jul 2007
    Location
    Scottsdale, AZ
    Posts
    100
    Thanks
    11
    Thanked 14 Times in 7 Posts

    Quote Originally Posted by NakedFaerie View Post
    Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
    They think their systems are unhackable and virus proof but they are way off.
    Really? Apple always ignores the security issues and pushes out updates? Is that why there is an iOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.

  12. #12
    The Unknown Anonymous's Avatar
    Join Date
    May 2012
    Location
    Antarctica
    Posts
    2,758
    Thanks
    427
    Thanked 997 Times in 628 Posts

    Quote Originally Posted by MooShoo View Post
    Really? Apple always ignores the security issues and pushes out updates? Is that why there is an iOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.
    Ignore the troll.

  13. #13
    What's Jailbreak?
    Join Date
    Sep 2008
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thumbs down Perhaps
    Quote Originally Posted by Colin9001 View Post
    LOLOL. Apple probably hates Pod2G.
    Apple is a company. Certain employees are probably as appreciative of this as I am, while I'm sure others ignorantly wish no one would ever discover their lapses. You can't just assume "Apple" prefers ignorant bliss, especially based on their impressive response times to similar issues in the past.

  14. #14
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    7,112
    Thanks
    214
    Thanked 1,043 Times in 765 Posts

    Apple responded to the flaw by telling users that they should use iMessage wherever possible and exercise caution when using SMS. iMessage verifies sender information before delivering it to the victim.

  15. #15
    iPhone? More like MyPhone Breezy215's Avatar
    Join Date
    Nov 2007
    Posts
    249
    Thanks
    1
    Thanked 8 Times in 7 Posts

    Quote Originally Posted by iNT3Rv3NTiONZz View Post
    Hate him? Did you read the article? They can't thank him enough for finding a security flaw, which they can now fix, thus making iOS even more secure. You mad bro?
    I think what he meant by that is that they (Apple) probably hate him because he finds many "flaws" in iOS, an operating system that Apple brags & boasts on how secure & foolproof it is... Pod2g u rock bro!

  16. #16
    Super Galactic Moderator Orby's Avatar
    Join Date
    Aug 2010
    Location
    Omicron Persei Eight
    Posts
    5,698
    Thanks
    40
    Thanked 575 Times in 525 Posts

    Quote Originally Posted by Anthony Bouchard View Post
    Apple responded to the flaw by telling users that they should use iMessage wherever possible and exercise caution when using SMS. iMessage verifies sender information before delivering it to the victim.
    "Use our proprietary product!" is Apple's answer to a fairly serious security flaw in their implementation of an open standard with far more global application and use than their own?

    ...why am I not feeling the least inkling of surprise?

  17. #17
    Livin the iPhone Life sziklassy's Avatar
    Join Date
    Jan 2008
    Location
    Iowa (ISU for Vet School!)
    Posts
    3,920
    Thanks
    69
    Thanked 310 Times in 264 Posts

    Quote Originally Posted by MooShoo View Post
    Really? Apple always ignores the security issues and pushes out updates? Is that why there is an iOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.
    He could have said this more elegantly. Allow me...

    In terms of security, it *seems* that Apple waits for hackers to find an exploit, make it public, and then patches it. Rarely, if ever, have I seen iOS updates that claimed there were security patches within that were not done as a direct result of some backdoor some hacker, generally a jailbreak dev, has found. Granted, it is extremely difficult to really know what holes Apple has found through internal research and simply plugged before they made it to us, the end user.
    Last edited by sziklassy; 08-18-2012 at 04:06 PM.
    ------------------------------------------------------------------------------------------------------------------------------------------------------------------
    I once prayed to God for an iPhone, but quickly found out He didn't work that way...so I stole an iPhone and prayed for His forgiveness.

    A dog is the only thing on earth that loves you more than you love yourself. - Josh Billings

  18. #18
    iPhone? More like MyPhone
    Join Date
    Jul 2007
    Location
    Scottsdale, AZ
    Posts
    100
    Thanks
    11
    Thanked 14 Times in 7 Posts

    Quote Originally Posted by sziklassy View Post
    He could have said this more elegantly. Allow me...

    In terms of security, it *seems* that Apple waits for hackers to find an exploit, make it public, and then patches it. Rarely, if ever, have I seen iOS updates that claimed there were security patches within that were not done as a direct result of some backdoor some hacker, generally a jailbreak dev, has found. Granted, it is extremely difficult to really know what holes Apple has found through internal research and simply plugged before they made it to us, the end user.
    That is very true and well put. Couldn't agree more.

  19. #19
    iPhoneaholic iH85CH001's Avatar
    Join Date
    Jul 2012
    Location
    United States of America
    Posts
    305
    Thanks
    383
    Thanked 14 Times in 12 Posts

    Quote Originally Posted by mmaboi21 View Post
    Great advertisement for people wanting to jack my phone up.
    This is what I was thinking.
