iPhone Safari DoS bug discovered





Radware, who produce enterprise security software, are claiming to have identified a Denial of Service (DoS) flaw in the iPhone's mobile Safari browser. While not yet seen in the wild, the bug is triggered by a JavaScript command on a webpage - which Radware suggest would be linked to via a spam email or SMS message - and could result in Safari crashing or even the iPhone itself becoming unstable. The flaw is present in Apple's latest publicly available firmware, version 1.1.4, though it is uncertain whether Firmware 2.0 is similarly affected.

The exploit works through what Radware are calling a design flaw in mobile Safari, whereby multiple memory allocation operations on the dynamic memory pool trigger a bug in the garbage collector.  There doesn't seem to be a lasting impact on the cellphone - switching it off and then on again should reset it - but I can see how this might be less than reassuring to your IT manager at work. 

Apple are yet to address the issue, and Radware would very much like you to buy their security software to protect against it. Of course, the obvious advice is - just like browsing the internet anywhere else - to not click on links from sources you don't trust, to be cautious about random-looking sites and to generally be sensible. Though that wouldn't make Radware any money, I suppose.

[via GigaOM]

 


3 Responses to “iPhone Safari DoS bug discovered”

  1. exNewt says:

    “…which Radware suggest would be linked to via a spam email or SMS message…” So this only applies to retards stupid enough to follow a SPAMlink, then?

  2. Chris Davies says:

    It does presume that you’d follow a link someone sends you, yes, and since your friends & co-workers are hopefully not the sort of people that would want to launch a DoS attack on your iPhone (unless you’ve been really boasting about it) a spam email is the most likely way. But considering how many people follow fake PayPal and bank links and hand over all their details, it could still be a problem.

    Saying that, I stand by my original point that being sensible about what you click on will do you more good than spending $$$ on fancy security software.

  3. Umberto says:

    Just curious when you’re going to learn how to use English correctly. An example of your poor English is when you use the plural form of verbs with a singular subject, such as “Apple are …”. In case you’re confused, Apple is a company – a single entity. It isn’t a group of individuals. So you should use “Apple is …” or “Apple has …”. If you insist on using a plural verb, use a plural subject with it. “Apple developers …” or something similar will work. I’m curious why you (and some others) have such a hard time with this. It’s a pretty simple concept to grasp.

