How Google uncovered 6 ways to hack an iPhone
A team of bug hunters working for Google uncovered the weakest point of the iPhone: the iMessage app. The team, called Google Zero, says it found five errors in the messaging service that would make iPhone extremely vulnerable for a hacker.
In one case, researchers from the search giant (whose Android system is Apple’s main competence of the Apple) said the vulnerability was so severe that the only way to rescue an iPhone that had been attacked would be to eliminate all the data it had. stored
The teenage hacker who earns $ 100,000 a year working only 20 hours per week
Another failure, they said, would allow copies of the files on a device to be made without the owner’s authorization.
Last week Apple corrected these errors, but researchers say they found a sixth flaw that has not been corrected with the latest operating system update.
“That is quite unusual,” said Professor Alan Woodward, an expert in cybersecurity at the University of Surrey, in the United Kingdom.
“The reputation of the Google Zero team is such that it is worth considering.”
The Argentine teenage hacker millionaire who earned US $ 1 million discovering computer errors
The Zero project was established in July 2014 to discover cyber vulnerabilities that were going unnoticed.
On other occasions, Zero alerted Microsoft, Facebook and Samsung, among others, about problems with their code.
If hackers discover the fault that has not been fixed, they could block an application or execute their own commands on iPhones, iPads and iPod Touch.
Apple has not commented on this specific problem, but has urged users to install iOS 12.4, the latest version of their operating system.
This update aims to solve other Google Zero findings, as well as a wider range of failures and threats.
“Keeping your software up to date is one of the most important things you can do to keep your product safe,” Apple said in a statement.
The ZDnet technology news site, which was the first to report these bugs, said the level of detail shared by Google about the other errors could be enough to allow hackers to try to exploit those weaknesses.
The site states that users must download iOS 12.4 “without delay.”
Natalie Silvanovich, one of Google’s researchers, plans to share more details of her findings during the Black Hat computer security event, which will take place in August in Las Vegas.
According to the synopsis of his presentation, Silvanovich will also talk about possible failures of Apple’s visual voicemail service, which allows you to see a list of messages and choose which ones you want to hear or delete.
It will also present possible weaknesses in the Apple mail app.
One of Apple’s security chiefs will also participate in this event, where he will deliver a talk promising to show “behind the scenes of iOS and Mac security cameras.”