Still, Miller says that breaking into mobile devices like the iPhone is "harder" than PC hacking. Though security researchers like Miller may be interested in smart phones right now, to date there hasn't been a lot of research and documentation of how to attack mobile platforms. "They don't make it easy to do research on it," Miller said.

But that may be changing, according to Ivan Arce, chief technology officer with Core Security Technologies.

While the Pwn2Own contest was going on, researchers from Arce's company spoke in another conference room, demonstrating a program they wrote that could be used by attackers once they have managed to hack into a mobile phone. The interesting thing about Core's shellcode software is that it can run on both the Apple iPhone and Google Android, showing that criminals could theoretically write one piece of code that would run on both platforms.

In recent months, research into mobile devices has picked up and has recently reached a "tipping point," where more successful attacks are likely to emerge, Arce said.

There are several factors that make phones attractive targets, Arce said. For one thing, they are opening up and can run more and more third-party software. Traditionally phone companies have very tightly controlled the applications that run on their networks -- at one time AT&T initially argued that third-party telephones would break its network. Today, all it takes is US$25 and a Gmail address in order to develop applications for Android.