A New iPhone Worm is Here, And This Time it’s Malicious
A couple of weeks ago, the first iPhone worm appeared. Now, according to early reports of strange activity by Dutch ISP XS4ALL, later confirmed by Sophos, there’s a new worm in the wild, and this one is far more malicious.
49 Responses
12.4.2009
WHAT IS IT GOOD FOR
12.4.2009
ABSOLUTELY NOTHING
12.4.2009
If you want to, install the Cydia app "Toggle SSH" for easy disabling and enabling. To change the password from the default alpine, do the following:
1. Open Terminal (on the iPod/iPhone).
2. Log in, user: "root", pass: "alpine" or sometimes "dottie".
3. Type "passwd".
4. Enter your new password and confirm.
More information on SSH: gizmodo.com/300323/short-and-sweet-ssh-guid …
12.4.2009
At the end of the title it says "[WAR". There is an older song by Edwin Starr called "War" with the lyrics: "War. What is it good for? Absolutely nothing."
12.4.2009
In other news, if you leave your front door open, people will steal your *****.
12.4.2009
It says only jailbroken phones are affected. Hmm… wonder if APPLE created this worm?
12.4.2009
There was an article similar. It was about a worm using the same vulnerability but it just changed your wallpaper to Rick Astley. This one enables remote commands to be sent to the device.
12.4.2009
The fact that it only affects jailbroken phones should be in the headline. That being said, if you’re proficient enough to intentionally root your phone and install ssh, you should be wise enough to change the password and keep the daemon off when you’re not using it.
12.4.2009
That’s kind of the point of the article…
12.4.2009
If you’re jailbroken, you should change the root password. Here’s how:
1) Open Terminal (available free on Cydia).
2) Type "login".
3) At the login prompt, type "root".
4) At the password prompt, type "alpine".
5) Type "passwd".
6) Type a new password (twice).
7) Type "exit" to log out of the root account.
It also might be a good idea to change the default user (mobile) password:
1) Open Terminal.
2) Type "passwd".
3) At the old password prompt, type "alpine".
4) Type a new password (twice).
12.4.2009
I heard that it only affects jailbroken iPhones.
12.4.2009
Say It Again.
12.4.2009
It only affects jailbroken iPhones, because there’s no ssh on unhacked phones, and the default ssh password is the same for every jailbroken iPhone.
12.4.2009
Oh Christ, the only thing worse than trolling is apologizing for it.
12.4.2009
Just out of curiosity, and I know I’m going to get scolded for this, but how do I change my SSH password, and am I safe if OpenSSH is already disabled on my phone through BossPrefs?
12.4.2009
If you don’t have it yet I’d recommend SBSettings instead. It installs a control panel that activates when you swipe your finger across the infobar (taskbar?) at the top of the screen, with one-button toggling of Wifi, 3G, SSH, brightness, etc. It has a shortcut for respringing and rebooting (instead of just a shutdown) and a task manager. Worth the hassle of jailbreaking alone. It’s skinnable too; I’ve got an LCARS skin on mine. Here’s some more info: iphonehacks.com/2009/02/sbsettings-offe …
Edit: Turns out SBSettings is an update of Bossprefs. Probably worth upgrading anyways.
12.4.2009
iPhone is a nice juicy target.
12.4.2009
You are ignorant. Not everyone who jailbreaks does it to pirate. Some use it so they can get apps from cydia that are better than the ***** Apple gives them.
12.4.2009
Quiet… I’m trying to figure out if this affects anything other than jailbroken phones…
12.4.2009
I coulda sworn it said "RAWR" at the end. I like that a lot better.
12.4.2009
It even had a scene in Rush Hour: youtube.com/watch?v=41cJUliIuH0
12.4.2009
*** ONLY AFFECTS JAILBROKEN IPHONES *** This needs to be restated.
12.4.2009
I know you – Mr. "we never really landed on the moon" guy.
12.4.2009
I’m going to create an iPhone app that fixes this vulnerability and sell it for $.99
12.4.2009
why?
12.4.2009
My iPhone isn’t jailbroken and hasn’t seen a worm… ever. Also, it doesn’t run a piece of ***** mobile OS like Windows Mobile. I think you lose.
12.4.2009
I was going to say "kids these days…" but you’re not a kid. You MUST have heard that song before. It’s been used in so many movies it’s ridiculous. :p
The song: youtube.com/watch?v=bX7V6FAoTLc&fea …
12.4.2009
It only affects jailbroken phones. You avoid this problem by kissing Apple’s ass MORE, not less. Everyone’s going to say "This is a good reason to ALWAYS listen to Apple!" So yeah. You might not be getting the effect you’re hoping for.
12.4.2009
It depends upon whether your phone is jailbroken or not. If your iPhone is not jailbroken, then there is no danger; if it is jailbroken, then it is VFS (very ***** serious).
12.4.2009
I was only kidding. It’s abundantly clear the worm only affects jailbroken phones.
12.4.2009
I use SBSettings as well. It’s better because it’s accessible from anywhere on the iPod, and not an app (you can adjust things from any point, and not have to close out an app; if you wanted to multitask, download Backgrounder from Cydia). I used an LCARS theme for my entire iPod for a while, but then I found Glasklart. Easily my favorite theme.
12.4.2009
Wrong. Do NOT change the mobile user’s password. Certain apps that need elevated privileges use the mobile user to elevate to root access through a method similar to sudo. When you change it, those same apps then crash. Better to just deny the mobile user from being able to log in via ssh. Oh, and also you can change the port ssh is on.
12.4.2009
Only a miniscule number of iPhone users feel like they were "forced." The rest recognized how a free market works, and if they wanted a more open phone, they bought a different one.
12.4.2009
there’s an app for that.
12.4.2009
Ouch. That’s got to hurt. If you’re going to mock somebody for being "pompous", get it right. This doesn’t affect true Apple fanboys who don’t jailbreak their phones. This affects the open source freedom-loving hacker types that do.
12.4.2009
That’s actually a good idea, but it would never get App Store approved. And nobody actually buys anything on the Cydia Store.
12.4.2009
Yeah, a botnet consisting of software-dialed smart phones will be more annoying than a botnet of PCs, in some ways. When the two types of botnets discover each other it is not going to be pretty. Or quiet.
12.4.2009
Windows users: marketshare!!!
Mac users: stfu, it’s not marketshare, it’s the OS.
iPhone users: marketshare!!!
everyone else: /facepalm
12.4.2009
I don’t understand your question. Are you asking if it sounds malicious? Can’t you kinda figure that out for yourself?
12.4.2009
Or, as they’re known at Microsoft, "Commies".
12.4.2009
Apparently Lightstab didn’t read the last article.
12.4.2009
No one forced you to be a tool and buy a phone that doesn’t offer what you want because you were under the impression that it was the best thing ever. Why are people such stupid consumers? I was in the market for a new phone and at the time I knew nothing about the industry. I figured I had to get that new $99 cheap iPhone that seemed so amazing. Then I did research and found that an Android phone was more suited to my needs and my wallet. Why in God’s name would you give a company money if you hate their methods? Vote with your wallet, buy the phone with the more flexible OS, and quit whining as if you had no other choice but to buy the iPhone.
12.4.2009
Non issue for anyone who hasn’t jailbroken their phone… or was smart and changed the default SSH password
12.4.2009
Yes, you’re safe then since SSH isn’t open. You can also not install it to begin with (i.e. if you’re using DiskAid to access your iPhone instead). I recommend going that route since resetting your iPhone will switch SSH to ON by default…
12.4.2009
Thanks for the tip; I didn’t know that.
12.4.2009
Changing the port SSH is on just gives you a sense of false security. Malware is smart enough to scan for SSH on other ports besides the default one. That kind of security by obscurity never works for long. Safer to just not install SSH or jailbreak at all. You can’t undo data theft, and you probably cannot disinfect your phone if it gets infected. Things like rootkits slip by even the best & most knowledgeable folks for ages. The Sony one slipped by Microsoft and the entire Windows AV/security software community for well over a year. And, as soon as word of it and its flaws came out, malware just totally piled onto its backdoor. These days, when you get violated by one malware, it is common to get violated by a legion of them.
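Several comments above recommend changing the default password on a jailbroken device (root, and with the caveat about the mobile account noted earlier), denying the mobile account over SSH instead of changing its password, and warn that moving sshd to another port is only obscurity. The script below is an added example, not code from this thread or from any of the tools it mentions: it reads a BSD-style password database (on the device, /etc/master.passwd) and an sshd_config, and reports those three conditions from a defender's point of view. DEFAULT_HASH is assumed to be the DES-crypt hash of "alpine" as it appears in master.passwd on jailbroken devices of that era; verify it against your own device. The sample files are constructed here so the script runs offline, and the paths passed to the functions are placeholders for the device's real files.

```shell
#!/bin/sh
# Added example: audit a jailbroken iPhone's SSH exposure.
# Checks, in order:
#   1. accounts whose password hash still equals the default ("alpine")
#   2. whether the "mobile" account may still log in over SSH (DenyUsers)
#   3. a non-default port, reported as INFO only: it is not a control
# ASSUMPTION: DEFAULT_HASH is the DES-crypt hash of "alpine" commonly seen
# in /etc/master.passwd on jailbroken devices; confirm on your own device.
DEFAULT_HASH='/smx7MYTQIi2M'

# Print the names of accounts whose password field equals the default hash.
accounts_with_default_password() {
    passwd_file=$1
    awk -F: -v h="$DEFAULT_HASH" '$2 == h { print $1 }' "$passwd_file"
}

# Return 0 if USER appears on a DenyUsers line of CONFIG, 1 otherwise.
sshd_denies_user() {
    config=$1
    user=$2
    awk -v u="$user" '
        tolower($1) == "denyusers" { for (i = 2; i <= NF; i++) if ($i == u) found = 1 }
        END { exit (found ? 0 : 1) }' "$config"
}

# Print the effective sshd port: the first Port directive, else 22.
sshd_port() {
    port=$(awk 'tolower($1) == "port" { print $2; exit }' "$1")
    echo "${port:-22}"
}

# Emit one finding per line; return 1 if anything needs action, 0 otherwise.
audit_ssh_exposure() {
    passwd_file=$1
    config=$2
    status=0
    for acct in $(accounts_with_default_password "$passwd_file"); do
        echo "ACTION: account '$acct' still uses the default password; run passwd"
        status=1
    done
    if ! sshd_denies_user "$config" mobile; then
        echo "ACTION: 'mobile' may log in over SSH; add 'DenyUsers mobile' to sshd_config"
        status=1
    fi
    port=$(sshd_port "$config")
    if [ "$port" != 22 ]; then
        echo "INFO: sshd listens on port $port; a non-default port is not a security control"
    fi
    return $status
}

# Constructed sample files (not from a real device): root's password was
# changed, mobile was left at the default, and sshd was moved to port 2222.
SAMPLE_DIR=${TMPDIR:-/tmp}/ssh_audit_sample_$$
mkdir -p "$SAMPLE_DIR"
cat > "$SAMPLE_DIR/master.passwd" <<'EOF'
root:$1$constructedhash$notthedefault:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:/smx7MYTQIi2M:501:501::0:0:Mobile User:/var/mobile:/bin/sh
EOF
cat > "$SAMPLE_DIR/sshd_config" <<'EOF'
Port 2222
PermitRootLogin yes
EOF

# Run the audit on the constructed files; on a device pass the real paths.
if audit_ssh_exposure "$SAMPLE_DIR/master.passwd" "$SAMPLE_DIR/sshd_config"; then
    echo "no action needed"
else
    echo "action needed (see findings above)"
fi
```

On the constructed input the audit reports that mobile still has the default hash and can log in over SSH, and notes the moved port as informational only, which is the point the comment above makes about obscurity. Because mobile's password is left alone, the hash finding for that account is best resolved with the DenyUsers entry rather than passwd.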
12.4.2009
Sophos is out of its element when it talks about Apple products. It is not an area where it has expertise and battle scars, like it does trying to protect Windows from its sea of malware. In the article cited below, here is something Sophos says:
>> "The banking [attack] is new to mobile devices," says Chet Wisniewski, a senior security advisor at antivirus firm Sophos. "It goes through your phone, grabbing all your text messages, and sends them off to a server in Lithuania." <<
src – technologyreview.com/communications/240 …
However, the reality is, what Sophos’ "senior security advisor" totally missed is that banking attacks are not at all new to mobile devices. Example: January 2009 – Symbian phone banking virus detected by Sophos rival Kaspersky Labs: intomobile.com/2009/01/27/new-symbian-v … Okay, so maybe Sophos was unable to detect and report the Symbian mobile banking virus themselves, but can’t they at least read industry press releases from other companies in their industry to learn about them?
There are two things that the Windows security crowd (press, industry) has a spotted record on reporting:
1. What has happened. Obviously, when you see a "first" happening more than once, it is not a first; subsequent "first" reports are simply misreporting.
2. What OS the attacks happen on. It needs to be disclosed when flaws in MS-Windows are at the root of the problem. If it is at the root of 95% of the attacks, say – the press needs to be disclosing that, government & law enforcement need to be disclosing that, and the computer/security industries need to be disclosing that.
3. Distortion. Sorry, but saying "popularity" is The Reason for security cracks is professionally bankrupt. It is a factor but that is all. Vulnerability is a huge, huge factor. Also, putting valuable information into a system with lots of vulnerabilities is also a factor.
By the way, the guy who pointed out this Windows-specific problem was a scientist who said that having too many users on the same operating system represented a weakness and would give rise to epidemics. He was attacked by the industry and sacked for it, instead of being heeded and taking his advice.
4. Fear-Mongering: exploitation by FUD. Okay, so where are these Apple worm & virus epidemics that have been predicted by the major Windows antivirus vendors every year since 2004-2005? Not surprisingly, the new epidemics hit Windows, and not Apple. Windows just happens to be where the vendors sell their products and make their profits. Kind of like yelling there is a fire outside a theater that is burning, so you can sell more popcorn to the people inside before they die.
5. Omission: Windows security companies are quoted in headlines and introductions to articles about an "iPhone worm" when it should say "iPhone-jailbreak worm". The whole title and tenor of the articles should be "do NOT install the jailbreak under any circumstances". Instead, the articles often only mention the jailbreak, which is the ROOT CAUSE of the exploit and the sole source of the vulnerability. Some are mentioning jailbreak in the title and opening paragraph but most are not. If the goal is to educate the public, they should mention there are NOT publicly known worms spreading on Apple phones that have not been jailbroken. They should also mention Apple vetting applications for the iPhone apps store seems to be working, and that contrasts with apps coming from the jailbreak guys. This article is a prime example of leaving "jailbreak" out of the title.
6. Misrepresentation. Calling the jailbreak hackers the "iPhone Dev Team" is a gross misrepresentation and abuse of trademark. Apple holds the trademark on iPhone, and paid a pretty penny for it. Apple does not employ these guys. These guys are not on the iPhone development team at Apple. This is a gross error by the press and tech bloggers.
12.4.2009
TL;DR. Synopsis: Reader is butthurt.
12.4.2009
tl;dr most of that tirade but what I did read was completely inaccurate BS. For example, iPhone 3G can NOT shoot video natively, without jailbreaking. Only 3GS can. And since jailbreaking is fully reversible, it has no effect on your warranty.