Digital Trends

Viewing a malicious Web page with the iPhone's built-in browser could give outsiders complete control of the phone.

iPhone users may be careful to keep their spendy gadgets locked in death grips on crowded subways and busses – but that doesn’t mean they’re safe. A new exploit uncovered by an independent security company and reported by the New York Times could compromise the device’s security using only a malicious Web page.

According to Independent Security Evaluators’ principal analyst Charles Miller, the hole can give outsiders complete control of the phone, allowing them to transfer files, browse through messages or even make calls. In a demonstration, Miller exposed his own iPhone by visiting a Web site he had rigged to exploit the security hole, which in turn swiped his messages, phone contacts and e-mail addresses.

Fortunately for fans of the mobile device, Miller’s crew has no malicious intent and has already revealed the flaw to Apple with the hope of getting it patched soon. In the meantime, they have set up an informative Web site giving a run-down of the exploit for the technologically curious, and ways to avoid it for the technologically terrified.  

In the Times article, Miller’s colleague Aviel Rubin commented that he doesn’t believe the hack is a black eye for Apple. However, he does believe that the relative obscurity of Apple’s operating system that has lead hackers to overlook it so far could end with the popularity of the iPhone, exposing the company’s software to more scrutiny.