Qe kur iPhone u hodh ne treg shume veta po ritentojn ti gjejne dobesi sistemit.
dhe sot eshte bere publike se ne Independent Security Evaluators jane gjet mundesi per tu futur ne sistemin iPhone,

nje mundesi konsiston ne dergimin e me e-mail te nje linku ku faqa kontrollohet nga nje haker dhe qe aty ai mund te kete hyrje te te gjitha fileve te telefonit
tjetra konsiston ne krijimin e nje sistemi wifi hot spot e kontrolluar nje nje haker. telefoni sapo te kape sinjalin do te kerkoj te lidhet. Sapo perdoruesi te klikoj mbi "yes" po, persersi hakeri do te kete hyrje te plote ne telefon, file, imazhe,kontakte, email etj etj

video

[youtube]http://www.youtube.com/watch?v=M26sur1YAL4[/youtube]

nje web site interesant http://www.securityevaluators.com/iphone/



How the exploit works

The exploit is delivered via a malicious web page opened in the Safari browser on the iPhone. There are several delivery vectors that an attacker might utilize to get a victim to open such a web page. For example:

* An attacker controlled wireless access point: Because the iPhone learns access points by name (SSID), if a user ever gets near an attacker-controlled access point with the same name (and encryption type) as an access point previously trusted by the user, the iPhone will automatically use the malicious access point. This allows the attacker to add the exploit to any web page browsed by the user by replacing the requested page with a page containing the exploit.
* A misconfigured forum website: If a web forum's software is not configured to prevent users from including potentially dangerous data in their posts, an attacker could cause the exploit to run in any iPhone browser that viewed the thread. (This would require some slight changes in our proof of concept exploit, however.)
* A link delivered via e-mail or SMS: If an attacker can trick a user into opening a website that the attacker controls, the attacker can easily embed the exploit into the main page of the website.