![[info]](http://l-stat.livejournal.com/img/userinfo.gif?v=92.1){kind=small}
When they first announced iPhone, the idea of millions of OSX machines carried everywhere with EDGE, Bluetooth, and WiFi connectivity. I imagined the wonderful world of distributed, mobile botnets, snarfing data and contacts from nearby cell phones and PDAs, and merging all of those data into a spammer's wet dream. Or a distributed surveillance platform, if you buy into the NSA conspiracy theories.
The next indicator that this was going to be "good times," was when they discovered that it was a Unix-like OS, and they had cracked the root and other system passwords (http://www.hackint0sh.org/forum/showth
Today's came from HD Moore announcing his work with Metasploit and the iPhone.
His words: http://blog.metasploit.com/2007/09/r
Journalist's view: http://searchsecurity.techtarget.com/or
It's going to be such good times.
So, what are the next steps? Because if I left that out I wouldn't be an intelligence analyst, I'd just be a blogger. According to the mental model, we have the accessibility/vector. What we need are market saturation (some predict 14M sold by end of 2008,) a mesh networking application (or something to cross-connect the myriad of networking options,) and an attractive application to encourage the owners to share amongst each other (say, some funky music sharing application or social-networking tie-in, or instant messaging.) That'll lay the ground work for some very effective malware.
September 27 2007, 08:27:21 UTC 4 years ago
I swear if I see purple gorillas on iPhones, I'm quitting technology forever.
September 27 2007, 13:37:57 UTC 4 years ago
September 27 2007, 17:48:04 UTC 4 years ago
September 27 2007, 14:32:54 UTC 4 years ago
Being an amateur at this, I've dubbed it the "skynet phenomenon", not talking about AI per se, but in the "an automated user agent uses computers all over teh internets to do naughty things. As such, it is a bitch to kill, because it keeps popping up". Witness what is happening w/ Windows (a clear and present danger to the stability of the internet since 1995!) and the huge zombie/botnet swarms.
Anyway, that was always the unspoken downside to the "everything is an intelligent device which connects to the internet and does shiny things" folks have been promoting. First, security is not a feature, and only comes to bite you after the sale. It's not something marketing can put on an "oh, wow!" sheet. Second, like it or not, security is often antithetical to functionality (you can run a web server, or not. Not running it is always more secure. But, then you have no web server).
Finally, this is worse with "devices" than it is with "computers", because even my grandmother has some type of basic idea of security with computers (even if it's just a "that's okay, I like my photos in albums because when your computer gets a virus and you lose everything, I will still have my photos"). However, a phone is just a phone. It's not a computer. Therefore, the idea of having to apply patches to it is kind of antithetical to the idea of it being a "device".
End rambly bits.
Also, your job sounds vastly more interesting than mine.
I miss real programming. This PHP crap is for monkeys. Firmware was so much more fun.
September 27 2007, 17:49:28 UTC 4 years ago
October 3 2007, 04:13:45 UTC 4 years ago
I remember when all the hackerkids would get bridge info and then just start all day conference calls. and .... is it a bad thing that I wish just ONCE i'd call into a bridge at my work only to find that hackers had taken it over? I wonder how many people at my company keep things like bridge/passcode #'s in a smartphone that could easily be hacked.... Or things like meetings? I wish a hacker would go to meetings for me, too.
October 3 2007, 04:27:04 UTC 4 years ago
I wonder how many of them have them published in their Yahoo! or Google Calendar. I know it's more than 0...
September 27 2007, 14:34:01 UTC 4 years ago