Pod2g Security Flaw in iOS allows Text messages Spoofing on iPhone
Pod2g Security Flaw in iOS allows Text messages Spoofing on iPhone – Pod2g is a well-known member of the Dream Team, the team behind many famous exploits which were used in Absinthe Jailbreak tool and Corona Jailbreak package. All of this was the combined effort of the developers and hacker but Pod2g was one of the most prominent members who firstly discovered this hack. This famous hacker has also got many awards at different security due to his work for finding exploit in iOS.
Well, the cat and mouse game between Apple and Hacker doesn’t find any end; the Security experts at Cupertino are making the iOS ecosystem more secure by introducing various securities while the hackers are also determined to find vulnerabilities and flaws in the iOS security so that a single hole can be used to inject the Jailbreak exploit. The good news is that earlier today, the main pillar of this iOS hacking community, Pod2g has found another security flaw in the SMS application of the iOS. The main thing is that this flaw can lead to SMS spoofing.
Here’s what Pod2g posted on his blog:
“A SMS text is basically a few bytes of data exchanged between two mobile phones, with the carrier transporting the information. When the user writes a message, it’s converted to PDU (Protocol Description Unit) by the mobile and passed to the baseband for delivery…
…In the text payload, a section called UDH (User Data Header) is optional but defines a lot of advanced features not all mobiles are compatible with. One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer the text, he will not respond to the original number, but to the specified one.”
According to Pod2g, this security flaw was present in iPhone 2G since 2007 and still presents in the latest release of iOS 6 beta 4. The even severe case is that this hole may lead to very serious problems because we all use text messaging in daily life and various services also use text messages to verify the details. So, this may lead severe complications. In other sense, this hacker is suppliant to Apple to fix this security flaw.
What we think that this guy is really serving the iOS community with his amazing exploits. What do you think? Share your thoughts in the comments section below.
