exploits

Charlie Miller, also known by some in the security community as "Safari Charlie" for his Safari exploits at the Pwn2Own hacking contest, has announced that he and Vincenzo Lozzo, a student at the University of Milan, have recently discovered a new exploit to trick the iPhone into running unsigned code, and will be revealing their findings at the Black Hat Security Conference in Las Vegas.

A developer claims to have found a new exploit in the iPhone that may let App Store developers sneak dangerous code into their apps. With Apple-developed apps, an image called 'Default.png' is displayed while the app is launching, and can do anything from show the current date or display the contents of the app before it's finished loading. App Store devs are limited to static 'Default.png' images, but dev Patrick Collison has found a way around this.

Yet another security flaw in the iPhone's software had been found, and while it's probably not particularly harmful to the majority of users, it is pretty interesting. Karl Kraft posted the exploit on his blog, but he wasn't the one to uncover it. No, despite his skills with a computer and knowledge of the software, he didn't find it. Instead he says it was found by his 12-year-old son.