Monday, November 9, 2009

The iPhone "worm"... SRSLY

Read carefully because I'm only going to say this once ... the "iPhone worm" everyone is buzzing about is possible because of the fact that people jailbreak their phones and then do not change their admin password from the default.  That's seriously asking for it.

At any rate, if you read up on the iPhone, infections like this are only [at least currently] possible on a jailbroken iPhone due to the iPhone's inherent code-signing feature.

When ikee was interviewed over IRC for JD's blog, the virus writer had this interesting tidbit to say:

[09:05] {ikee} Secondly i was quite amazed by the number of people who didn't RTFM and change their default passwords.
[09:07] {JD} How far did you expect it to spread, exactly?
[09:08] {ikee} Well i didn't think that many people would have not changed their passwords I was expecting to see maybe 10~ or so people, at first I was not even going to add the replicate/worm code but it was a learning experience and i got a tad carried away :)

Well there you have it.  Even ikee didn't think that there were enough people who didn't "RTFM: Read the F*****g Manual" and neglected to change the default password.

Lesson here?

  1. RTFM
  2. Always know what you're doing when you apply any "hack"

1 comment:

stupid mac users said...

How can one seriously be "surprised"? Remember, the person bought an iPhone!