At the Black Hat conference in Las Vegas, Charlie Miller and Collin Mulliner will present their findings about a possible SMS vulnerability present on many platforms, including the iPhone, Android and Windows Mobile. Apparently, most of the SMS vulnerability involves unexpected data, and it looks like SMS is not tested thoroughly because it’s expensive to send messages. It sounds dumb (carriers could send free test messages no?), but hey, why not.
The pair is set to show what can be done via SMS. Depending on the reports, that ranges from rendering the phone inert by keeping it 100% busy all the time (denial of service), to “totally controlling the phone”. What we do know for sure is that Charlie and Collin did warn Apple and others last month.