News reports of foreign countries hacking other foreign country’s web sites and networks has been reported as far back as 2000. It seems the frequency of these attacks has been increasing over time and I am inclined to agree with an article in the Brisbane Times suggesting China willing participates or looks the other way when these attacks are happening. I say this because China reportedly has a tremendous Internet filtering infrastructure in place, they make the covert filtering mechanisms active in the US look like the efforts of a feeble script kiddie. They know who you are, where you surf, and what you’re surfing. They don’t allow certain protocols to enter/exit the country and often times traveling users’ VPN and SSH sessions fail to operate from China.

At any rate, the Briabane Times article is here. It also makes reference to the Estonia attack and points out the damage sustained in one of these cyber attacks is more efficiently obtained and is more discreet at the onset than amassing a network of spies or deploying a battalion of tanks. The article goes on to say:

“States are starting to figure out how cyberwarfare can help them achieve their goals, espionage, economic embargo, or coercion — to cause pain to your enemies so they change their behavior,” Moran said.

Cyber warfare is now a common pursuit among most states, said Bruce Schneier, who has written books on the subject. “Everybody does it,” he said.

Moreover, government networks are plagued with “lousy security” arrangements, he said. And as government information networks become more complex, the networks become increasingly vulnerable.

“Complexity is the worst enemy of security,” Schneier said.

Techie-type folks have been using MAC PowerBooks for years because OS X gives them access to a UNIX operating system and a very functional GUI in a secure little package.

It seems logical the iPhone would make a great penetration testing or security assessment tool and if the good guys use them, it stands to reason the bad guys are too! Why couldn’t the iPhone be a hacker’s choice for mobile hacking platforms?

Except for Windows Mobile, most phone operating systems are unique to the manufacturer. The underlying firmware is often ARM-based but the popularity of hacking ARM devices isn’t there. This uniqueness is one of the major reasons why cellular phones have not seen the same level of malware target them that targets PCs, to date. The iPhone brings to the hacker a mobile UNIX hacking platform much more discrete than those shiny PowerBooks or plastic looking iBooks. It definitely costs less than a PowerBook or an iBook; granted it doesn’t have the same processor, RAM, or hard disk capacity, but attack code created on the iPhone and the ability to hack other ARM-based devices from the iPhone could open the doors for new attacks on existing mobile devices.

More hacking info over at Metasploit, one of my favorite penetration testing tools, and over at TUAW.

When Apple unveiled the new iPhone, hackers, crackers, marketing types, and media outlets alike salivated; oh techno-enthusiasts aka customers too!

It is no surprise that the iPhone has been center of numerous attempts to crack, hack, subvert, reverse engineer, and otherwise decipher the software, hardware, architecture, and interfaces. After all the iPhone represents the greatest advancement in phone technology since… hmm, I’ll have to get back to you on that one. 

Steve Jobs is quoted in a Fortune magazine articleas saying that the iPhone will change the phone industry and I think he’s right but I don’t think it has changed in the way he is intending. The hype and appeal over the iPhone is amazing. Security “experts” have been saying for years that mobile devices aka cell phones are the next hacking platform and these new mobile viruses (virii — eek!) could disrupt or disable entire cellular networks.  The iPhone introduces a new twist to the mobile malware argument because the underlying operating system in this case is universally available and accessible. The cute, sophisticated, secure operating system found on those impressive 24″ iMacs, dual-core Intel PowerBook Pros, and amazing MAC servers is at the heart of the iPhone.

The bugs, flaws, exploits, and vulnerabilities of MAC OS X have always been minimized or defeated because MAC OS X doesn’t run everything as the Administrator like Microsoft Windows, according to Apple website on MAC OS X Security Architecture:

Many people find that Windows-based PCs are unusable unless they use the admin account, which exposes their PCs to attack. The Mac OS X default configuration, in contrast, guards against shady characters who could so easily take control of your system. 

eWeek reported the iPhone apparently runs every program and process with root or Administrator privileges, based on information posted on the Metasploit Official Blog (Metasploit Project).The iPhones apparently mimic the simplicity Microsoft Windows versions enjoyed for years: run everything as Administrator or Super-user.  Who says Bill Gates’ investment in Apple isn’t paying off!

Now the iPhone can make even more headlines!