AfterDawn: Tech news

Team that posted iPad email details finds new exploit, in Safari

Written by Andre Yoskowitz (Google+) @ 15 Jun 2010 17:13 User comments (4)

Team that posted iPad email details finds new exploit, in Safari Last week, AT&T confirmed that 114,067 iPad 3G owners had their email information leaked to the Web, with the data being stolen and exposed by a group called Goatse Security.
AT&T went as far as to call Goatse "malicious hackers" who attacked AT&T's servers, and the group is now under investigation by the FBI.

Today, the same group has exposed another security hole in the iPad, using the same ICC-IDs given out by using a script on the AT&T Website and determining the locations of iPad owners.

Additionally, the group says an unpatched Safari browser exploit will allow for targeted attacks on iPads. The exploit, reads DailyTech, "uses an integer overflow exploit, which gives access to proxy connections over banned ports, allowing all sorts of ill purposes including spewing spam and malware deliveries to locally networked machines."

Says Goatse of the new Safari exploit: "The potential for this sort of attack and the number of iPad users on the list we saw who were stewards of major public and commercial infrastructure necessitated our public disclosure. People in critical positions have a right to completely understand the scope of vulnerability immediately. Not days or weeks or months after potential intrusion."

Previous Next  

4 user comments

115.6.2010 20:11

HAHAHA! Don't say that I didn't tell you so. AT&T's network is embarrassing at best. Apple, what the hell were you thinking? Oh I forgot, they don't!! Whoops!!

215.6.2010 23:06

LOL I'm glad I can't wait for some coder to start noticing the weakness in Mac OS as well and start hitting them hard so these fan boys wont have anything to say.

316.6.2010 5:19

So it does not run anything...yet it still has security holes? There was a time when Apple was a good choice for someone who just wanted email and web browsing...but clearly Apple can't even get that right.

416.6.2010 9:32

Originally posted by KillerBug:
So it does not run anything...yet it still has security holes? There was a time when Apple was a good choice for someone who just wanted email and web browsing...but clearly Apple can't even get that right.
Yup a lot of people give apple praise because they think it is so more much secure than windows is. Its just like what the hacker Marc Maiffret said “Windows Is More Secure, Apple Community Is Ignorant” Its not because apple is so secure that it does have that much viruses its been the market is too small to waste time targeting them. Al thought sometimes I wish they would send some their way. I think Apple has noticed this with the pulling of their famous "pc vs mac" commercial.

Comments have been disabled for this article.

News archive