PWN2OWN Hacker Contest Targets Smartphones

March 26, 2009 by John Messina Apple's iPhone 3G

(PhysOrg.com) -- TippingPoint, a security response team at 3Com Inc, had offered $10,000 for each exploit of any smartphones, which included Apple Inc.'s iPhone and RIM's BlackBerry, as well as phones running the Windows Mobile, Symbian and Android operating systems.

None of the smartphones that were slated for the attack were compromised. With mobile devices limited on memory and processing power, many researchers (hackers) main exploit techniques are not able to work.

TippingPoint also identified unexpected complications with the possible combinations of handsets, operating systems and carriers introduced into the exploit equation. A spokes person at TippingPoint went on to say; "we didn't realize how complicated it was." In some cases TippingPoint wasn't able to determine the exact phone or operating system's version early enough to give researchers the lead time they needed to work up an exploit of a vulnerability they might have already uncovered.

In next years Hackers Contest, TippingPoint plans to work out the details ahead of time so that it can publish the rules and specifications of the smartphones in plenty of time for researchers to prepare.

An Apple iPhone could have been hacked if a researcher had wanted to part with the vulnerability. A TippingPoint spokes person commented, "there was an exploit at the show that could have broken the iPhone, but the researcher said that the $10,000 wasn't enough to part with that level of vulnerability."

Some researchers just want to hold on to the bugs they have uncovered, even when offered $10,000 in cash. They have pride in their own little vulnerability they worked so hard on. But up

Rate this story - 3.8 /5 (4 votes)

rank
1
2
3
4
5

view popular

Move the slider to adjust rank threshold, so that you can hide some of the comments.

Display comments: newest first

RayCherry - Mar 26, 2009
- Rank: not rated yet
using a number of 'smart phones' as a single internet access point paid for by unsuspecting strangers will certainly yield $10,000 in a few months. selling that solution to just ten customers could yield ten times as much - plus all the personal information gathered as a bonus. I hope that Apple has tracked the path used by that 'researcher' to provide a fix for the iPhone vulnerability urgently
- report abuse
- - Current rank
  - 1
  - 2
  - 3
  - 4
  - 5

Other News

Palm's webOS hasn't gotten the attention it deserves

Technology / Software

49 minutes ago | not rated yet | 0

Lost in the recent deluge of smart-phone news -- Apple's iPhone store hitting 100,000 applications, and the launches of the new Droid phone and the BlackBerry Storm, among other things -- have been the efforts ...

New handbook for Google, Droid users

Technology / Other

9 minutes ago | not rated yet | 0

Before buying one of the new Google-powered "Droid" phones from Verizon Wireless, you may want to read the manual. Not the setup directions in the box.

Is neighbor's Wi-Fi signal free for me to use?

Technology / Telecom

1hour ago | 5 / 5 (1) | 1

Q. The other day, my Internet service went down as it does from time to time. But this particular time, I needed to check my e-mail for an important reply I was expecting. After some frustrating time passed, I happened to ...

Google Go gets going (w/ Video)

Technology / Software

4 hours ago | 4.7 / 5 (3) | 2

(PhysOrg.com) -- Google has introduced its new experimental programming language Go, which aims to combine speedy application development through simplified coding with high-speed program execution.