iPhone Security Flaw in PKI handling exploited by hackers

Enterprise business could be vulnerable to malicious code

The iPhone isn’t everyone’s cup of tea, but it’s certainly big enough to take its place alongside the iPod as a cultural phenomenon. I have one, and I know numerous other owners. Some go so far as to jailbreak the phone to open up certain features that Apple has intentionally disabled. They certainly do not support users doing this, but that hasn’t stopped thousands from using the OS exploit to mod their phone in new, exciting ways. I’ve been tempted, but I value my warranty. I may skirt the need for payday loans to keep my iPhone habit going at times, but so far I’ve been able to keep things under control.

But I’m not a business trying to get a fleet of iPhones synched

They have something new to worry about these days, according to Greg Kumparak of MobileCrunch. There is a new iPhone hack involving PKI handling. Kumparak points those concerned to the full details of the iPhone exploit on the blog Cryptopath. In essence, what’s happening is that the iPhone will accept settings configuration files via an over-the-air connection. Businesses use this feature to set up multiple iPhones at one time, and jailbroken phones use this method for tethering. … click here to read the rest of the article titled “iPhone Security Flaw in PKI handling exploited by hackers“