Security Breach in Safari Browser Compromises iPhone 4
The first jailbreak for the iPhone 4 was just barely released, but it has already drawn attention to a serious flaw in iPhone 4 security that allows a website to take over an iPhone just by loading a PDF file.
This new security breach is quite serious because it seems so innocuous. Here's how it works: The user simply visits a site in the built-in Safari browser for the iPhone 4, or any iOS 4 device including the iPad and iPod Touch, which opens and displays a compromised PDF file. The font in the PDF document hides special code that causes what is called a stack overflow. It's a bit complicated, but basically that means the code embedded in the font is granted access to the iPhone itself and can control the device.
This could lead to any number of problems. The malicious code can delete files, steal and transmit private information or even install other malicious software.
The JailbreakMe.com method of jailbreaking the iPhone 4 actually uses this method to circumvent iPhone controls and allow the user to install unauthorized software, but it turns control over to the user instead of surreptitiously stealing information and altering the phone.
Apple reports say that there are over 100 million iPhone, iPad and iPod Touch devices in the world, so this exploit could potentially affect a large number of users. That also makes this security breach an attractive target for hackers.
There has been no official response from Apple, and there is no clear fix at the moment. But there is a way to avoid this problem: Don't open links to PDF files when using the iOS 4 browser, and don't load any PDF files from untrusted sources.
If users want to jailbreak their iPhone 4, they can also install a program from Cydia called a PDF loading warner. Basically, the app alerts users when they are about to load a link that contains a PDF so that the action can be canceled.