Charlie Miller, the hacker who discovered a hole in the new Apple Safari in ten seconds in the Pwn2Own contest, can now take complete control of an iPhone by merely sending a text message. And no, you don’t even have to open it!

Once taken control, the hacker can exploit the hole to make calls, steal data, send text messages, and do basically anything that the user can do with his iPhone. Miller and his partner Colin Mulliner demonstrated this scary scenario to CNET writer Elinor Mills at the Black Hat Security Conference on July 29, 2009. The two are professional researchers with a security firm and are just showing Apple the many security loopholes in their device.

CNET’s Elinor Mills described how it happened: “While I was talking on the phone to Charlie Miller, his partner, Collin Mulliner, sent me a text message from his phone. One minute I’m talking to Miller and the next minute my phone is dead, and this time it’s not AT&T’s fault. After a few seconds it came back to life, but I was not able to make or receive calls until I rebooted.”

The attack is enabled by a serious memory corruption bug in the way the iPhone handles SMS messages, said Miller, a senior security researcher at ISE – Independent Security Evaluators. There is no patch, despite the fact that Apple was notified of the problem about six weeks ago, he said. All current versions of the iPhone operating system are affected.

Asked what an iPhone user can do when attacked, Miller replied: “Rebooting wouldn’t be a bad idea. It would stop all but the most sophisticated attacker. However, it doesn’t take but a second to grab all your personal info from the device, and as soon as you turn it back on, the bad guy could attack you again. That’s why I think this is so serious.“

So if you have an iPhone in your pocket.. be alert!

Source : Article by Elinor Mills at CNET News

BARELY a tweet is heard from most Twitter members despite the soaring popularity of the micro-blogging service, according to a pair of freshly-released reports..

Web analytics firm HubSpot found that nearly 55 per cent of 4.5 million Twitter members monitored have never “tweeted” — fired off concise text messages to others using the micro-blogging service.

More than half of Twitter members have no followers and about 55 per cent of them aren’t following anyone else’s micro-messages, according to a “State of the Twittersphere” report by HubSpot.

Meanwhile, a study by Harvard Business School researchers concluded that 10 per cent of Twitter members account for 90 per cent of tweets.

“A typical Twitter user contributes very rarely,” Harvard MBA student Bill Heil and assistant professor Mikolaj Piskorski said in a university blog post containing the findings.

“Among Twitter users, the median number of lifetime tweets per user is one.”

Those that do tweet tend to do so during traditional US work hours, with messaging dipping on weekends, according to HubSpot.

Common phrases used in tweets indicate the San Francisco startup’s service is most popular in cities where the dominant language is English, said HubSpot, which noted that Twitter continued to grow at “an astounding” rate.

Twitter has been adding millions of users a month and its website received 32.1 million unique visitors in April, according to tracking firm comScore.

Twitter, which allows members to exchange 140-character-or less messages, can be used on computers, mobile telephones, and now on television sets using a newly-announced online link to Microsoft Xbox 360 videogame consoles.

Well I think BSNL (Bharat Sanchar Nigam Limitted – The leading ISP in India) needs to learn alot in the ISP field. You know what they used OpenDNS – A internet based DNS server, in the Wireless Land Line (WLL) service, to block different categorized sites. They included proxy, hacking too.. even a slight use any matter related to it will get yourself blocked from it!. Its good to use them to block Adult sites, but they block every server where any of the restricted items are used. Consider if I have a free hosting server, in that server all type of people will be there. Some may use proxy scripts or even their on inventions on hacking, and its more than enough for OpenDNS to block that server including all the good sites comes under their hosting!! And my free site hosted @ x10hosting – A really good free hosting provider if you ask me, got blocked too!! I didn’t used anything they listed as “BAD”.

And I tried a bit of my favorite web spots.. hurayy they all are blocked too!! I waited for them to change DNS system as I thought they might be testing it, but days passed nothing happened. I got angry on the Administrator of the ISP and mailed him the following :

Dear administrator,
Am happy that you took actions to block unwanted sites in this network. But you were wrong in this. Because almost every of my freedom to surf the net is now blocked. I don’t think people will like this policy. I have a website hosted at a well known free web hosting server. But it is included in the blocked list as someone who have an account there used proxy / anonymizer, now I can’t access my personal web page!!?? This is not right thing to do to a public network, please leave this DNS system to your private network if possible. There are lots of way to block unwanted sites(they are freewares too), the users of this network can use them if they want. May be you can conduct an awareness programme to let users know of it, but please leave this network open. I hope you get the seriousness of what I said. Please.. please atleast change the settings in the OpenDNS to allow more site categories. Thanking you for your “wonderful help”, JOSE.

I dont know whether they changed their stratagies because of my letter, from the next day all the DNS system was back to normal!!