Feeds

iPhone push hack shoves IMs to complete strangers

You talkin' to me?

Seven Steps to Software Security

A German developer has discovered that sending an AIM message to someone who has both jailbroken their iPhone and installed a hack that enables it to receive push notifications may result in your message being read by anyone else who has installed the push-enabling hack.

Till Schadde, founder of equinux, tells The Reg that he sent a message over AIM using iChat on his Mac - with all relevant security settings enabled, such as SSL - to a friend's iPhone. He did know that this iPhone, which was running iPhone Software 3.0, had been jailbroken and that its owner had installed two hacks to enable push notifications: this one and this one.

Schadde was surprised to hear back not from his friend, but from a total stranger in the US - a person who had also installed the offending hacks. He sent Schadde a screenshot proving that he had, indeed, received the same message that Schadde had sent to his European friend.

Apparently, the hacks - or one of them, at least - install the same iPhone ID on any phone that has been so hacked, resulting in any messages being sent to them by Apple's push services to be also received by other similarly hacked iPhones.

Schadde speculates that the problem is not the fault of AOL (AIM's creator) - representatives of which, in fact, contacted him after a report of the problem first surfaced in CrunchGear.

And although the problem appears only on hacked iPhones, it appears to be rooted in a security flaw in the Apple implementation of the Push notification system, according to Schadde. "There appears to be something hackable in the notification," he said.

Schadde hasn't contacted Apple about the problem - even though, as he says, "I think it's kind of major." After all, he told us, in these days of instant worldwide communication, his discovery is sure to have already been noticed in Cupertino. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.