No. 1 Story
ACCC clears Optus to scrap HFC network and use NBN instead
The ACCC has cleared, provisionally, the proposed deal between Optus and NBN Co under which Optus is to be paid around $800m to shut down its HFC network and transfer customers onto the NBN. read moreRelated Articles
Adoption of cloud computing has reached a tipping point - but don’t expect legacy...
In yet another blow to the Facebook IPO this week, following the withdrawal of...
Recruitment technology and social media have played a significant role in growing business in...
Need a new One with 4G speeds at an XL size, while still being...
Fancy a 4G Windows Phone? Your wait may be over next Tuesday when Telstra...
More From
Dutch iPhones held hostage
Stephen Withers
Wednesday, 04 November 2009 05:42
The vulnerability arises when an iPhone is jailbroken but the owner does not change the default root password.
A hacker used port scanning across T-Mobile's dutch network to identify vulnerable handsets, and replaced the screen image with a message asking the owner to visit a certain web page.
That page - subsequently taken down - asked for payment of €5 via PayPal, and said that in return the iPhone owners would receive instructions for undoing the hack.
Those instructions were later published on another web site, and basically involve removing a plist file, restoring the original image file, and changing the root password.
It seems as if no real damage was done, although the hacker did claim to have sent SMSes from at least some of the affected iPhones.
The culprit has also reportedly refunded any payments received.
According to a message purportedly from the person behind the events, his or her motivation was to alert users to the possibility that the hack could be used by someone with malicious intent.
He or she also claimed that the hack would in most cases be automatically deleted within a day of installation.
Some observers aren't convinced.
"Some have suggested online that the hacker intended no malice in breaking into the iPhones and displaying the messages, but let's not beat around the bush about this. Unauthorised access and unauthorised modification of data is an offence in many countries around the world," said Graham Cluley, senior technology consultant at Sophos.
A spokesperson for Intego said "if you have jailbroken your iPhone, you would do well to change the default ssh password. Again, Google will help you perform this simple operation. If you don't, any enterprising hacker can get access to everything your phone contains. You don't want that to happen."
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
