Protect Your iPhone from a Serious Security Bug
If you own an iPhone and it's running OS 3.1.2 or higher, it's vulnerable to a serious security flaw that enables a Web site to completely commandeer your phone. There's no action required on your part; just visit a malicious site, and it can force your iPhone to display a PDF document that can cause a stack overflow, which gives the nefarious site total access to your phone.
Rick alluded to this exploit yesterday when he told you about how easy it is to jailbreak your phone -- it turns out that the easy one-click jailbreaking process relies on this exact same exploit.
The interesting thing is -- and trust me, this is really interesting -- the only known protection from this exploit is to actually jailbreak your iPhone.
To date, Apple hasn't commented on the security flaw or issued any sort of patch. But until they do, your phone can be turned to the Dark Side as easily as surfing to the wrong URL. But if you want to protect yourself, one solution is to jailbreak your phone (using the procedure Rick wrote about yesterday) and then install the PDF Loading Warner in Cydia. This program will warn you anytime a PDF is about to be displayed and require your permission before it proceeds. Sure, it's a little annoying, but it will keep any PDFs from opening without your permission. And until Apple fixes this bug, it might be a necessary evil. [via Gizmodo]
