ARTICLE: Security Issues with Dialer and Safari

Witness (Zealot, Gold; joined Jun 18, 2007; Miami, Florida), post #1
Guys, read this article or skip to the last paragraph; it is very important.

Intended to be a convenience, the unique dialing feature included in the iPhone version of the Safari browser might soon become a nightmare.
SPI Labs' lead researcher Billy Hoffman says that the feature that is designed to dial any number displayed on a Web page after a user taps it is subject to various attacks, including cross-site scripting and drive-by downloads. This issue was first reported to Apple on July 6, but Hoffman believes the "unique urgency" and its potential to affect a large number of people warranted public disclosure.
Potential uses of this vulnerability cited by Hoffman include the ability to redirect free calls to fee-based phone numbers, track phone calls, manipulate the confirmation screen to place a call even if a user doesn't accept, place a phone in an infinite loop where the only escape is to turn off the phone or prevent the phone from dialing.
In a blog, Hoffman offers a few real-world scenarios. "For example, an attacker could determine that a specific Web site visitor 'Bob' has called an embarrassing number such as an escort service. An attacker can also trick or force Bob into dialing any other telephone number without his consent such as a 900-number owned by the attacker or an international number. Finally, an attacker can lock Bob's phone forcing Bob to either make the call or hard-reset his phone resulting in possible data loss."
Until Apple resolves these issues, SPI Labs recommends avoiding the feature in Safari that allows iPhone users to make calls by not tapping phone numbers on a Web page.
 

spacerog (New Member, Bronze; joined Jun 11, 2007; www.spacerogue.net), post #5
iPhone's Safari dialing feature can be hacked

Intended to be a convenience, the unique dialing feature included in the iPhone version of the Safari browser might soon become a nightmare.

SPI Labs' lead researcher Billy Hoffman says that the feature that is designed to dial any number displayed on a Web page after a user taps it is subject to various attacks, including cross-site scripting and drive-by downloads. This issue was first reported to Apple on July 6, but Hoffman believes the "unique urgency" and its potential to affect a large number of people warranted public disclosure.

Old news.
 

greenjbhsd (Member, Silver; joined Jul 13, 2007), post #7
It's old news, but also remember that the dialer will hit you with a confirmation box before you dial, so make sure you look at it. I have done the web dialing thing a few times and I always get a prompt with the number it will dial (which could be different than what you see on the site).
 

Kabeyun (Member, Silver; joined Jan 10, 2007; Northeast US), post #10
I don't get it. I read it but don't get it. I'm lost.
For your convenience, phone numbers you come across while browsing appear as hyperlinks (blue & underlined) which, when tapped, take you to iPhone's phone application and offer themselves to be dialed. This makes it easy to call a number you see on a web page, because you don't have to remember it or write it down.

Essentially the concern is that malicious people will tamper with the code in that phone number link. This could theoretically make the iPhone call a different number than the one you see in the browser, or do other things like log activity or take you to a targeted website.

-K
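
The mechanism Kabeyun describes (and that greenjbhsd's confirmation-box advice guards against) is that a phone-number link has two parts: the number shown on the page and the number in the link's href, which is what actually gets dialed. The following is an added example, not code from the forum thread, from SPI Labs or from Apple; it is a defender-side audit that scans a page's HTML for tel: links and flags any whose visible text does not match the number in the href. The sample markup and the helper names (auditTelLinks, mismatchedTelLinks, normalizeNumber) are constructed for this illustration; it runs in Node without a DOM by matching anchor tags in the markup string.

```javascript
// Added example, not from the thread or from SPI Labs. Constructed sample
// page: three tel: links (one of which dials a different number than the
// one displayed) and one ordinary hyperlink that should be ignored.
const SAMPLE_HTML = `
<p>Call us: <a href="tel:+1-555-010-0100">+1 555 010 0100</a></p>
<p>Support: <a href="tel:19005550199">(555) 010-0101</a></p>
<p>Fax: <a href="tel:555.010.0102">555-010-0102</a></p>
<p><a href="https://example.test/contact">Contact page</a></p>
`;

// Keep only digits so that "+1 555 010 0100", "+1-555-010-0100" and
// "(555) 010-0100" style formatting differences do not count as mismatches.
function normalizeNumber(s) {
  return s.replace(/\D/g, "");
}

// Return one record per tel: anchor: the href number, the visible text,
// and whether the two disagree after normalization. Tags nested inside the
// anchor (e.g. <b>) are stripped before comparing the visible text.
function auditTelLinks(html) {
  const anchorRe =
    /<a\s+[^>]*href\s*=\s*["']tel:([^"']*)["'][^>]*>([\s\S]*?)<\/a>/gi;
  const results = [];
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    const hrefNumber = normalizeNumber(m[1]);
    const visibleNumber = normalizeNumber(m[2].replace(/<[^>]*>/g, ""));
    results.push({
      href: m[1],
      text: m[2].trim(),
      mismatch: hrefNumber !== visibleNumber,
    });
  }
  return results;
}

// Only the links whose displayed number differs from the dialed number.
function mismatchedTelLinks(html) {
  return auditTelLinks(html).filter((r) => r.mismatch);
}

// Stand-alone run: print the audit of the constructed sample page.
if (typeof require !== "undefined" && require.main === module) {
  for (const r of auditTelLinks(SAMPLE_HTML)) {
    const flag = r.mismatch ? "MISMATCH" : "ok";
    console.log(`${flag}: shows "${r.text}" but dials "${r.href}"`);
  }
}

module.exports = { SAMPLE_HTML, normalizeNumber, auditTelLinks, mismatchedTelLinks };
```

In the sample page only the "Support" link is flagged: its text reads like a local number while the href dials a different one. A check like this catches the plain href/text mismatch, which is what a site owner or a proxy could scan for; it does not replace reading the confirmation prompt on the phone, because script on the page can still change the link after the page loads, which is the cross-site-scripting angle the article mentions.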
 

tjespo22 (New Member, Bronze; joined Jul 20, 2007), post #11
For your convenience, phone numbers you come across while browsing appear as hyperlinks (blue & underlined) which, when tapped, take you to iPhone's phone application and offer themselves to be dialed. This makes it easy to call a number you see on a web page, because you don't have to remember it or write it down.

Essentially the concern is that malicious people will tamper with the code in that phone number link. This could theoretically make the iPhone call a different number than the one you see in the browser, or do other things like log activity or take you to a targeted website.

-K
I get it now. Thanks.