A security flaw in iOS allows a malicious non-removable push-notifications sending to iPhones, so claims a Swedish developer. Details about the vulnerability in iOS is missing still. Apple would be ‘no interest’ shown in the leak.
The developer, one Roman Digerberg who have a gps tracker for the iPhone, says to the Swedish ict-site Techworld that he found the vulnerability by accident on the track came when he accidentally finds a message sent to his iPhone, and then could not remove.
The vulnerability gives attackers the ability to send sms messages to iPhones that are always on the lockscreen appear and cannot be removed. Also claims to be the developer that he is with apps a random number of push notifications can disappear and reappear. In addition, he can a simkaartfout cause the user’s iPhone will need to reboot.
Digerberg says Apple is informed, but claims that the manufacturer has ‘no interest’ showed in the leak that he was. Then he decided the publicity to search. The vulnerability that Techworld describes is most likely in the way iOS certain kinds of messages to handle.
It is unclear whether the claims of the Swedish developer knocking. Digerberg has various webshops, but is not known as a developer. Tweakers has established contact with the developer, who says that he is within a few hours with further information.
Update, Thursday: The developer says to Tweakers that an exploit of the vulnerability as ‘very easy’ is: “I have a program that messages sent in a non-standard sms format. I can be your voicemail on and off and random text to your screen send.” The developer does not go in to questions about how the vulnerability technically. He repeats that he has ‘zero answer’ from Apple, when he was the bug reported.