I’ve been keeping track of some of the online and media coverage regarding the recent iPhone ‘worms’ and it’s mainly a pile of crap.

It’s not a worm, it’s not even really an exploit. All it is, is stupidity from a number of parties that allow reasonably simple programs to do bad things to their iPhones…

Phone Companies
Now, the worm that supposedly started the whole thing off, the Ikee worm if I remember correctly, was done in Australia. This worm worked by scanning through the external 3G IP ranges of the mobile provider! Why on earth weren’t those addresses NAT’d? If they were, then open ports on the iPhone wouldn’t be available on their public address; you’d have to be on a private network with one, which is the means the latest bank details phishing malware uses.

This does at least seem to be the case with O2 in the UK. During my testing I was unable to get a response from any port (22-100) using a live iPhone and its external IP at the time.

Jailbreak Creators
This is maybe a little harsh: many people jailbreaking their iPhones want SSH enabled, but those same people are savvy enough to alter the default root password and could’ve probably enabled it on their own (once jailbroken of course).

Your average guy on the street would have no idea what SSH is even used for, let alone understand the possible implications of allowing root access to his device, and in light of this I feel it was foolish of the Jailbreakers to enable it by default.

The Media
Like the public, the media is full of people who don’t really know what they’re talking about. I’ve seen headlines like “First iPhone Virus” with articles being condescending to Apple users across the board. Probably written by journalists on shitty ACER laptops running Vista feeling smug in a Starbucks.

Now I’m not getting into the PC vs Mac debate. Mac users take every opportunity to appear superior and thus PC users will take any cheap shot they can get. It’s fairly balanced, they each have their strengths.

The BBC does at least make a noble attempt to explain some of the technologies involved (http://news.bbc.co.uk/1/hi/technology/8373739.stm) but doesn’t offer any links explaining how to alter your root SSH password.

The code required to exploit an iPhone with a default SSH password is not complicated. Knowing how to gain root access is usually the tricky bit. Once in, you just need to understand where the iPhone keeps key files (it’s basically UNIX). It’s fairly simple to alter the hosts file to redirect legitimate sites to your own phishing versions or upload personal information to a server anywhere in the world. It’s even easy to alter the root password to lock you out of your own device.
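
A defender-side check for the hosts file tampering described above, added here as an example and not part of the original post: it lists every hostname in a hosts file that falls outside a small baseline. The baseline names, the `audit_hosts` function and the sample file are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a hosts file for entries that override DNS.
# Baseline of names a stock UNIX hosts file is expected to carry
# (assumption: adjust to match a known-good copy from your own device).
ALLOWED_NAMES="localhost broadcasthost ip6-localhost ip6-loopback"

# audit_hosts FILE
# Prints "line N: NAME -> ADDRESS" for every hostname outside the baseline.
# Returns 1 if any were found, 0 if the file only holds baseline names.
audit_hosts() {
    awk -v allowed="$ALLOWED_NAMES" '
        BEGIN {
            n = split(allowed, names, " ")
            for (i = 1; i <= n; i++) ok[tolower(names[i])] = 1
        }
        {
            sub(/\r$/, "")              # tolerate CRLF line endings
            sub(/#.*/, "")              # drop whole-line and trailing comments
            if (NF < 2) next            # blank line, or an address with no name
            for (i = 2; i <= NF; i++) { # one address may carry several names
                name = tolower($i)
                if (!(name in ok)) {
                    printf "line %d: %s -> %s\n", NR, name, $1
                    found = 1
                }
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$1"
}

# Constructed sample (not taken from a real device): a stock file plus one
# injected redirect that uses reserved documentation names and addresses.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
##
# Host Database (constructed sample)
##
127.0.0.1        localhost
255.255.255.255  broadcasthost
::1              localhost
203.0.113.10     www.bank.example bank.example   # injected redirect
EOF

audit_hosts "$SAMPLE" || echo "hosts file contains non-baseline entries"
```

Run it against a copy of the device's hosts file; any name it reports that you did not add yourself is worth investigating.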

So, it’s not a worm, exploit or virus. It’s just that loads of people have iPhones and less than a fifth understand even the basics about how they work.

UGH!