Another Critical security flaw discovered in iPhone
Apple iPhone
Security experts have said that the size of the internet browser on the device means that iPhone users may be more susceptible to phishing attacks.
The URL bar on the Safari browser is so small that a person browsing the internet could be directed to a phishing website and not realise it, because they are unable to see the full URL.
The URL can be a giveaway that a site is not authentic, but the clue tends to be at the end of the line, where hackers can insert characters that distinguish the fake site from the real one.
Brian Chess, chief scientist at Fortify, wrote on his blog: "The iPhone browser displays only the first 20 or so characters of the URL, so it's easy to hide a big gnarly cross-site scripting attack without arousing any suspicion."
Earlier this week, another security company warned that a separate iPhone feature, which allows a user to automatically dial a phone number by clicking on a link on a website, could be prone to abuse by hackers.
By setting up a premium rate phone number, as well as running a script which initiated dialling when the cursor passed over it, a hacker could potentially fleece an unwitting user of the iPhone browser, SPI Labs said.
del.icio.us |
Digg
Email to a friend
Print version- Gameworld: Videogaming enters the Third Dimension
- GeoEye signs deal to provide imagery to Google
- iPhone security flaw exposes private data
- Dell profits disappoint as tech spending weakens
- HP says wins judgment against Pelikan
- Sony to launch world's thinnest LCD TVs
- Trade panel agrees to take up Microsoft case
- Web news aggregators rise despite papers woes
- EU, mobile operators clash over call billing
- Vimpelcom says to sell Apple iPhone in Russia
Comments (0 posted):
Post your comment