This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Mobile Attacks and Defense
July-Aug. 2011 (vol. 9 no. 4)
pp. 68-70
Charlie Miller, Accuvant Labs
Smartphones' features are great, but with the power they provide, there's also a threat. Smartphones are becoming a target of attackers in the same way PCs have been for many years. This article examines the security models of two popular smart phone operating systems: Apple's iOS and Google's Android.

1. N. Seriot, "iPhone Privacy," presentation at Black Hat DC 2010; www.blackhat.com/presentations/bh-dc-10/ Seriot_NicolasBlackHat-DC-2010-Seriot-iPhone-Privacy-slides.pdf .
2. C. Mulliner and C. Miller, "Fuzzing the Phone in Your Phone," presentation at Black Hat 2009; www.blackhat.com/presentations/bh-usa-09/ MILLERBHUSA09-Miller-FuzzingPhone-PAPER.pdf .
3. "WebOSL: Examples of SMS Delivered Injection Flaws," Insight,16 Apr. 2010; http://intrepidusgroup.com/insight/2010/ 04webos-examples-of-sms-delivered-injection-flaws .
4. R.P. Weinmann, "All Your Baseband Are Belong to Us," https://cryptolux.org/mediadeepsec-aybbabtu.pdf .
5. B. Alberts and M. Oldani, "Beating Up on Android;" www.immunityinc.com/infiltrate/presentations Android_Attacks.odt.pdf.
6. "CVE 2009-2999," Mitre, 2011; http://cve.mitre.org/cgi-bincvename.cgi?name=CVE-2009-2999 .

Index Terms:
smart phone, Android, iPhone, iOS, computer security, jailbreaking, malware, App Store, Android Market, sandbox, SMS, data execution prevention, DEP, address space layout randomization, ASLR
Citation:
Charlie Miller, "Mobile Attacks and Defense," IEEE Security & Privacy, vol. 9, no. 4, pp. 68-70, July-Aug. 2011, doi:10.1109/MSP.2011.85
Usage of this product signifies your acceptance of the Terms of Use.