Although each statistics and surveys confirming that iOS is the most secured operating system if compared with other smartphones’ operating systems, the hackers continue to discover vulnerabilities on iOS.
Pod2g, the well-known iPhone hacker behind the hole used on Absinthe 0.4 used to jailbreak iOS 5.0.1 and Absinthe 2.0.4 to jailbreak iOS 5.1.1, he discovered a sever flaw on SMS system on iOS.
Pod2g describes what exactly happens:
A SMS text is basically a few bytes of data exchanged between two mobile phones, with the carrier transporting the information. When the user writes a message, it’s converted to PDU (Protocol Description Unit) by the mobile and passed to the baseband for delivery…
…In the text payload, a section called UDH (User Data Header) is optional but defines a lot of advanced features not all mobiles are compatible with. One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer the text, he will not respond to the original number, but to the specified one.
Simply, it’s possible to receive SMS from someone, when you reply to this SMS, your SMS will be sent to the one you reply to and another hidden number which may get a confident information from you.
Pod2g gives an examples to show you why it considered as an issue:
- pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website. [Phishing]
- one could send a spoofed message to your device and use it as a false evidence.
- anything you can imagine that could be utilized to manipulate people, letting them trust somebody or some organization texted them.
This SMS flaw, exists since the first generation of iPhone and still exists in iOS 6 beta 4, we hope that Apple patch this hole before the public release of iOS 6 next month.