iPhone + ATT + DNS = Bad Juju

22 07 2008 Hacking

So, now that your feed reader is full up of all the DNS problems, I would like to present you with one more tidbit. How many of you have checked your iPhone, Blackberry, or other web enabled mobile device against this vulnerability?  I did, and wasn’t happy.

For more information please check out these links:

In depth explination: http://www.mcgrewsecurity.com/?p=151
To check to see if you are vulnerable: http://www.doxpara.com/
http://www.mckeay.net/2008/07/21/patch-dns-now/
http://www.matasano.com/log/mtso/
http://www.doxpara.com/?p=1176
http://blogs.zdnet.com/security/?p=1520

Comments : 2 Comments »
Categories : Hacking
Trackbacks : No Trackbacks»

Comments

Display comments as (Linear | Threaded)
22 07 2008
#1 Scott (Reply)

I found that on the train this morning myself. I wanna play with it a bit, give a call to AT&T, and see if things like the Bank of America application work off of IPs or URLs. Interesting to see.
Comments ()
24 07 2008
#2 Chris (Reply)

I was wondering about this! I have yet to receive my iPhone but I hope they sort this out quickly. I know there are still a few ISPs out there with this problem. Is there a way of changing your DNS settings on the iPhone to go through something like openDNS?
Comments ()

Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications
BBCode format allowed



Submitted comments will be subject to moderation before being displayed.