You are viewing a read-only archive of the Blogs.Harvard network. Learn more.

My first thoughts on the iPhone

“iPhone features a rich HTML email client and Safari — the most advanced web browser ever on a portable device — which automatically syncs bookmarks from your PC or Mac. Safari also includes built-in Google and Yahoo! search. iPhone is fully multi-tasking, so you can read a web page while downloading your email in the background over Wi-Fi or EDGE.”

My work at the Stop Badware group has shown me that trojan dialers are still all the rage. And I have to step back from my multiple T-1 connections at the collective space I hang out at or the even larger bandwidth provided on Harvard’s campus to realize that some people still use the plain old phone system to dial up to the internet. I don’t have a single system anywhere with a modem left so infecting me with a dialer really isn’t going to get you anywhere.

An iPhone however is just ripe for this type of abuse (and so are PocketPC based phones now that I think about it). So it isn’t that iPhones are going to be the only portable devices that will likely be targeted by this type of attack in the future but the descriptions of the iPhone certainly did set off that alarm in my head. Not just from browser based attacks but the rich HTML interface. MS has been quietly reducing the HTML rendering capabilities in their email clients because attackers kept exploiting every single aspect of it. I think over time Apple may need to learn this lesson as well. Rich HTML sounds great in the marketing of an email client but rarely has one survived without getting spammed to death, infected by trojans, or both.

Post a Comment

You must be logged in to post a comment.