Cool iPhone Web Dialer May Be Too Risky to Use

SPI Dynamics identified a vulnerability in the iPhone's Safari browser that could allow hackers to interfere with calls dialers make using a touch screen feature that lets them dial phone numbers listed on Web pages by simply tapping on them.

Malware code could redirect the calls to 900 numbers that charge $10 to $20 per call, Hoffman wrote. Other more personal attacks could run the gamut from inconvenience to outright blackmail, according to a blog posting by SPI's Billy Hoffman.

Expensive, Embarrassing Phone Bills

"For example, an attacker could determine that a specific Web site visitor 'Bob' has called an embarrassing number such as an escort service," he pointed out. "An attacker can also trick or force Bob into dialing any other telephone number without his consent, such [as] a 900-number owned by the attacker or an international number."

Other scenarios:

• redirecting phone calls placed by the user to different phone numbers of the attacker's choosing;
• tracking phone calls placed by the user;
• manipulating the phone to place a call without the user accepting the confirmation dialog;
• placing the phone into an infinite loop of attempting calls -- the only escape is to turn off the phone; and
• preventing the phone from dialing.

SPI Labs reported these issues to Apple (Nasdaq: AAPL) on July 6 and is working with the company to fix the problems. Until then, SPI Labs advises iPhone users not to use the built-in Safari browser to dial telephone numbers.

Not Critical

Because users have the choice whether to use this feature, the flaw is not a dire vulnerability.

"I don't regard it as critical as the users does in fact make the decision if he or she wants to dial the number in the browser," Paul Henry, vice president of technology evangelism at security firm Secure Computing, told MacNewsWorld.

"There are far worse issues out there that are not iPhone-related, such as Web sites that allow VoIP calls between two parties that can be set up and dialed anonymously by a third party and, of course, Web sites that allow you to alter the caller ID sent for a specific call."

Rich Target

Indeed, the iPhone is a rich target for hackers because of its immense popularity out of the gate. Also, a hacker able to bring down the iconic device would earn unprecedented stripes in the malware community.

"Once a product is in high public view and distribution, it's inevitable that any security flaws it might have will be uncovered and exploited," David Perry, global director of education for Trend Micro (Nasdaq: TMIC), told MacNewsWorld.

More so than with any other computing system, operating system or Web site, iPhone users can count on the certain development -- if not the existence -- of commercial kits and instant hacks of their beloved devices, he said. "The iPhone is almost irresistible bait; it represents the hacker equivalent of cheese in the trap."

Indeed, ever since the iPhone was released, hackers have been eagerly deconstructing it to see how it ticks. Among the earliest discoveries: the root password for the device and the password for the mobile user account. Another hacker -- DVD Jon -- figured out a way for users to avoid AT&T's (NYSE: T) activation fees and posted a workaround on his Web site.

Safari's growing ubiquity does not help, Perry said.

"Now that Safari has been made available to the Windows world, it has put the iPhone platform in the hands of the world's most hacked environment," he noted. "We certainly haven't seen the end of it. I suspect that in the near future, some kind of malicious, illicit or just bothersome abuse of this platform will be discovered -- and will be unique to the iPhone and Safari."