iPhone vulnerable to SMS spoofing
A new report by pod2g says that iOS has been vulnerable to SMS spoofing since its inception, and isn't even fixed in the latest beta version of iOS 6. He is urging Apple to fix the problem. pod2g explains why iOS is vulnerable on his blog:
PDU is a protocol that is pretty dense, allowing different types of messages to be emitted. Some examples : SMS, Flash SMS, Voice mail alerts, EMS, ...
The specification is large and pretty complex. As an example, just to code the data, there are multiple possible choices : 7bit, 8bit, UCS2 (16bit), compressed or not, ...
Apple is apparently grabbing the reply-to address from the message's User Data Header rather than the raw source. This leaves them open to spoofing. pod2g lists a few ways that hackers could mess with your iPhone:
-->
jay cutler oscar nominations rough riders joy division dodd frank norco rand paul detained