Over a million developers have joined DZone.

New Security Warning: Watch Where you Plug your iPhone

DZone's Guide to

New Security Warning: Watch Where you Plug your iPhone

· Mobile Zone
Free Resource

Get gorgeous, multi-touch charts for your iOS application with just a few lines of code.

PC Mag reported recently that, at the Black Hat 2013 conference in Las Vegas, a demonstration was given that showed how a device running malicious software with an iPhone charger connected to it could easily take control of your iPhone and install malicious apps on it.

The setup, dubbed Mactans (after the binomial name of the black widow, Latrodectus mactans), essentially runs a set of Apple-sanctioned dev tools that pair with the device when it's hooked up. The trick is that it relies on a basic assumption people make, which is that it's safe to use their iPhones when they're plugged in and charging. But because iPhones charge through their sync cables, it's possible to send or receive packets from the smartphone while charging.

The device is bulky, but could easily be concealed in charging stations like the ones you see in airports or in malls. It won't work as long as your phone is locked, but as soon as you do unlock it (to check Facebook while you wait for it to charge, for instance) your phone is, of course, open to receiving and transmitting packets. At that point, Mactans has control over your phone and can install any software it wants.

Apple is purportedly working on fixing this issue in iOS 7, so until you upgrade just be careful about where you plug your iPhone.

.Net developers: use Highcharts, the industry's leading interactive charting library, without writing a single line of JavaScript.


Published at DZone with permission of Allen Coin. See the original article here.

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}