ShmooCon: Your iPhone's Dirty Little Security Secret

07.02.2010
We've heard much about how our PCs and laptops can be compromised through malware and insecure wireless access points and often comfort ourselves with the knowledge that our smart phones are safe from such things.

But the smarter these phones become, the more susceptible they become to those same dangers, and more. That was the warning at this morning from Trevor Hawthorn, founder and managing principal at Stratum Security.

"The old smart phone wisdom in terms of security best practices was that you simply needed to wipe the devices of all your data before selling them on eBay," he said. "Today, you can use them to access the company VPN and Outlook, so the dangers are much more in line with those of PCs and laptops."

Hawthorn discussed security holes (since fixed) found in AT&T's network, which Apple's iPhone uses, and how an epidemic of "jailbreaking" is disabling critical security controls on the device.

Jailbreaking is a process iPhone and iPod Touch users can exploit to run whatever code they want on the device, whether it's authorized by Apple or not. Jailbreaking the phone allows you to download a variety of apps you couldn't get in the Apple App Store.