Cryptopath

Zeroing in where security hinges

Archive for April 2010

iPhone vulnerability HOWTO

XMCO Partners is a security company publishing an online magazine about recent security topics. Their latest issue (#25) provides a HOWTO dedicated to creating signed mobileconfig files that are shown as valid from any iPhone/iPod Touch. The most interesting point is that they succeed in re-directing all web traffic from the victim’s device to their own server by configuring the operator access point proxy.

This issue (in French) can be found here:
ActuSecu at XMCO Partners

Advertisements

Written by cryptopath

2010-April-13 at 10:53

Posted in iphone, security flaw