A site devoted to discussing techniques that promote quality and ethical practices in software development.

Friday, August 3, 2007

Is this plain stupidity or laziness or both?

Recent release of Apple iPhone excites the hackers community so much so that it has now discovered that:

At the top of the list, the device's operating system runs every application with administrator privileges, according to Miller and his cohorts at Independent Security Evaluators, turning a simple breach of any application into a breach of the system. In addition, both the iPhone's stack and heap are executable and the layout of programs in memory are not randomized -- two factors that make exploitation of any vulnerabilities much easier, he said.

"I think people are letting Apple off easy," Miller said. "You need to design the iPhone so that even if there is a problem in Safari, people don't completely take over your phone."

Gee, Apple has unwittingly given the hackers a great helping hand. It is definitely easy to program for iPhone because one needs not be concerned with security.

No comments:

Blog Archive