Given the hype surrounding Apple's iPhone, we're actually surprised that we haven't seen more holes to plug over the years. In fact, the last major iPhone exploit to take the world by storm happened right around this time two years ago, and now -- thanks to OS X security expert Charlie Miller -- we're seeing yet another come to light. Over at the SyScan conference in Singapore, Mr. Miller disclosed a hole that would let attackers "run software code on the phone that is sent by SMS over a mobile operator's network in order to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet." Charlie's planning to detail the vulnerability in full at the upcoming Black Hat conference, but Apple's hoping to have it all patched up by the end of this month.

[Via HotHardware]

Once again, T-Mobile has released a statement regarding the alleged hack into its systems last weekend, and it's backtracked a bit from the last one -- now, it's starting to sound like no data was stolen at all. Here's what we've got this time around from a company spokesperson:

"Following a recent online posting that someone allegedly accessed T-Mobile servers, the company is conducting a thorough investigation and at this time has found no evidence that customer information, or other company information, has been compromised. Reports to the contrary are inaccurate and should be corrected. T-Mobile continues to monitor this situation and as a precaution has taken additional measures to further ensure our customers' information and our systems are protected. As is our standard practice, customers can be assured if there is any evidence that customer or system information has been compromised, we would inform those affected as quickly as possible."

We're taking this as a good sign for customers at this point, but it's hard to say how many more statements we'll get before the matter's fully closed, so stay tuned.

Software vulnerabilities are no stranger to modern, highly-connected smartphones and feature phones alike, and fortunately, the big guys have been pretty good about staying on the ball and patching the serious stuff in a reasonable amount of time. The latest problem discovered in the Android browser's multimedia subsystem really sucks, though -- it's so bad, some security dudes are advising customers to "avoid" using the it altogether until it gets fixed -- and the most frustrating part about it is that it actually is fixed in the Android code trunk, it's just that no one's bothered to roll out an update to G1 users yet. In the meantime, the dude who discovered the problem is advising users to only visit trusted sites and avoid WiFi, so yeah, just don't browse or anything, okay?

[Via ReadWriteWeb]

There's already been a G1 firmware pushed out to patch up a browser security issue, but you know how it goes with those -- two flaws seem to magically sprout up in place of every one that's snuffed out. It's unclear exactly what's going on here, but some G1 users are reporting that attempting to visit Yahoo!'s home page is intermittently redirecting them to a totally legit-looking page imploring them to download some bogus Microsoft AntiSpyware crap -- and while we're thinking that this fake site was intended to target slightly larger computers of the Windows variety, it's disturbing that this redirect somehow managed to filter down to Android. It could be a DNS hack or a problem with T-Mobile's proxies, in which case the G1's own defenses are absolved for the time being, but that's not much comfort for Joe Yahoo-User, now is it?

[Via Android Community, thanks Dooosthy]

Over the years, Nokia handsets have fallen victim to the infamous KIRFing process time, and time, and time again. Evidently the suits up in Espoo have had enough, as evidenced by a new marketing campaign urging bargain hunters in India to avoid unbranded / duplicate handsets. The ad, which was spotted in the Mumbai Mirror, is comical in a number of ways. For starters, the notion that "originals last forever" is obviously misleading untrue, and secondly, the whole "instilling fear" tactic is severely unnecessary. Nokia asserts that all KIRF handsets lack an IMEI number, and thus owning one "could be a threat to your safety and national security." Or is that longhand for "a threat to Nokia's bottom line?"

Apple's taking a pretty lackadaisical attitude toward one of the most easily avoided security flaws in recent memory, calling the iPhone's passcode lock bypass a "minor iPhone security issue" and saying that a fix will be rolled out in September. Thanks, Apple; we suppose it'd be a little too much trouble to ask for a fix sooner, even though you already fixed it once in 1.1.4. For what it's worth, a company spokeswoman is quick to point out that the flaw can easily be hidden by changing the home button double-click functionality to take you to the home screen, but most users don't know that, now do they? Way to show some hustle, guys -- cookies and gold stars all around.

Let's be real: a four-digit code isn't very much separating a determined bandit from your data, which is all that the iPhone affords. Granted, the phone locks up after a few attempts to slow your arch-nemeses down a notch or two, but if your code is your birthday or the last four digits of your phone number -- and you know it is, so just admit it -- they'll eventually figure it out anyway. On second thought, though, never mind, because it turns out there's a pretty effective way around these formalities -- 2.0.1 and 2.0.2 have both been confirmed to let you around the passcode lock simply by hitting Emergency Call and double-clicking the home button. At this point, the user will have access to your Favorites list, which is pretty bad as-is, but from here, they'll be able to click on an arrow and use links within your contacts to get out to the SMS, Maps, or Safari apps. If you change the home button functionality from the default (Favorites) to Home, then nothing will happen at the Emergency Call screen -- your phone is safe from prying eyes, we guess. The iPod option will kick the user into the iPod app, though, which we think is almost as bad as the Favorites exploit, because we'd really rather not our thieves know that we listen to Hannah Montana. MacRumors is reporting that it may have already been fixed for a future firmware release, so yeah, any minute now would be just great, Apple.

[Thanks to everyone who sent this in]

RIM has issued a security warning to BES admins about a problem with the BlackBerry Attachment Service and PDF files. The flaw apparently allows would-be hackers to execute malicious code with a specially crafted PDF file. The Waterloo messaging behemoth has listed BES versions 4.1 SP 3 through 4.1 SP5, and BlackBerry Unite! as affected and rated the severity as 9 out of a possible 10 -- with 10 being the highest level of fail. Thankfully a workaround is available on RIM's site involving disabling the processing of PDF files until RIM can issue a fix for the misery. Hit the read link for the dirty details.

[Via PCWorld]

Although several Indian news outlets reported last week that RIM was preparing to let the Indian government monitor the domestic Blackberry network, it appears that the outcry has prompted the company to change course and announce that it's committed to "serving security-conscious businesses in the Indian market." That's a big reversal from the rumored plan, which would have allowed Indian security agencies access to the network in exchange for taking the blame for any leak of user data. Of course, not everything's quite settled yet: the Indian government is still demanding that RIM furnish "satisfactory answers" to its security questions, and RIM told the AFP that there are some other ways for "government to take care of security concerns" without elaborating further. Based on RIM's enterprise-heavy statements and refusal to comment on the consumer service, we'd guess that enterprise customers will probably get to keep their networks locked down, but that consumers shouldn't expect their messages to be secure. Not the best compromise, but we'll see how this all plays out.

We briefly mentioned using junk data to overwrite the iPhone's flash as a last-ditch method of securely clearing off your user data yesterday, and although we were half-joking, that's pretty much your only option until Apple provides a proper secure erase feature. Security researcher Rich Mogull has helpfully laid out the steps for you, and they're pretty much what you'd expect: restore your iPhone, don't sync any personal data to it, and then manually transfer three different playlists large enough to fill the flash. Essentially you're doing a manual three-pass overwrite, which is pretty much exactly the long and tedious process it sounds like -- but we wouldn't dream of selling or giving away our iPhones (or any other phone with personal data on it) without struggling through it.

[Via Hack A Day]

It looks like you might have to think twice before flipping that old iPhone on eBay when the 3G version finally hits -- it appears that restoring the phone doesn't actually erase the contents of the flash, meaning that your data is available to anyone with the proper tools until it's overwritten. Making matters worse, it appears that Apple doesn't do a low-level format when refurbishing iPhones either -- an Oregon State Police detective was able to use forensic software to pull files, emails, and screenshots off an out-of-the-box refurbished iPhone. This actually shouldn't be surprising to anyone -- we've seen several utilities that access "deleted" portions of storage -- but since Apple doesn't provide users direct access to the iPhone's filesystem, it's basically impossible to clear your personal data off the device short of restoring and filling the disk with junk data. Hopefully iPhone 2.0's Exchange-based "remote wipe" feature is a bit more secure, eh?

[Via TUAW]

Sure, we've seen cellphone encryption contraptions before, but KoolSpan's aiming to make things extra easy for green CIA agents. Set to be released next month, the microSD TrustChip slips right into a-many of smartphones and enables callers to hit up other undercover gurus and chat with 256-bit AES encryption, providing that the receiver of the call has a TrustChip jammed in his / her phone as well. Furthermore, the device itself touts enough features to make Maxwell Smart all sorts of envious: on-chip crypto processing, key management and a tamper-resistant environment for starters. Word on the street pegs this bad boy at $300, but we all know the cost of getting a call sniffed could be much more costly than that.

[Via GetFlashMemory]

Sprint users (or corporations with Sprint-using employees) can now look forward to "24/7 laptop security through remote monitoring, location and locking if a machine is lost or stolen." Thanks to a partnership with Alcatel-Lucent, the carrier will soon be offering up the OmniAccess 3500 PCMCIA card, which features its own battery, a "small operating system, a CPU, memory and an SD slot." When inserted into a lappie, it "hijacks the TCP/IP stack, so the card can enforce policies regarding what users can download, no matter what method the user employs to connect to the internet." Furthermore, the card must be loaded in for the laptop to even become usable, and the built-in GPS enables it to be located (and subsequently wiped or locked) regardless if the machine it's in is powered on. Reportedly, the device itself will run you around $250 and can only be used with unlimited data plans, and the extra security features will tack on another $10 to $12 per month.

[Via InfoWorld / Yahoo]

We know, you probably forgot that a certain smartphone from General Dynamics was even in the running for NSA approval earlier this year, but lo and behold, the Q4 estimate was actually met and the coveted thumbs-up was given to the (totally unfashionable) Sectera Edge. The National Security Agency has reportedly "awarded a contract to General Dynamics C4 Systems enabling military and government users to order" the mobile, and just in case you weren't aware of how lucrative an indefinite delivery / indefinite quantity agreement could be, this particular one has a "potential value of $300 million over five years." Folks that end up with one of these things will have handheld access to the US government's Secret Internet Protocol Router Network (SIPRNet) and Non-classified Internet Protocol Router Network (NIPRNet), but oddly enough, we're not told whether top secret agencies will be kosher with third-party applications.

[Via CNET]