iPhone Flaws

Two serious security flaws are creating problems for both iPhone users and people who use social networks on public wifi systems.

The first is an flaw that allows someone to access your iPhone, even if it’s locked. Someone can punch in a series of keys on a locked phone and bypass the password protected lock screen. By tapping the “Emergency Call” button, then three pound signs, then it the green Call button and immediately press the Lock button. http://www.wired.com/threatlevel/2010/10/iphone-snoop/

Doing so allows the unauthorized user to access the phone, the address book, voicemail and call history.

Apple says they are going to send a software fix with the next update in November.

The second problem is a small program called Firesheep. Firesheep is an add-on to the Firefox browser which allows someone to grab user names and passwords on a shared wireless network like an coffee shop or an airport.

It works like this. You log on to your laptop at a local coffee shop and decide to update your Facebook status. Your computer sends that user name and password over the network unsecured. Firesheep allows someone to “sniff” the information over the open wireless and grab the information and sign on to your social network like Twitter, Yelp, Flickr, Facebook or others and pretend to be you.

The Electronic Frontier Foundation has a program users can download to largely put an end to the problem. https://www.eff.org/https-everywhere The program is called HTTP Everywhere, and forces the social networking sites to use a secure sign on like the ones you would use for shopping or banking.

Duration : 0:2:15

iPhone