Sunday, August 05, 2007
The iPhone has security design errors
From SecurityFocus:
If you don't know what that means, that's OK: you pay people like me to understand things like that. What's important to understand is that Apple left out some security features that are in Windows, which are considered normal good practice these days, and which would complicate the lives of bad guys who find a crack in an iPhone application if only Apple used them.
|
In addition, both the iPhone's stack and heap are executable and the layout of programs in memory are not randomized -- two factors that make exploitation of any vulnerabilities much easier, he [Mikko Hyppönen] said.
If you don't know what that means, that's OK: you pay people like me to understand things like that. What's important to understand is that Apple left out some security features that are in Windows, which are considered normal good practice these days, and which would complicate the lives of bad guys who find a crack in an iPhone application if only Apple used them.
# posted by Frederick @ 11:07 AM Email to a friend:
Haloscan: they provide trackback