Warning of vulnerability in Symbian S60
According to an entry on the F-Secure blog entry, a Spanish hacker has found a way for applications on mobiles running Symbian's S60 operating system to obtain access to all files on the device. The starting point was a PC connection to Symbian's debugging interface. It has now, however, been made to work merely by installing an application in SISX format. In this respect, it resembles recent approaches to cracking the iPhone. In contrast to normal S60 software, the hack can be installed on the phone despite not being signed.
The SISX package contains a program which changes the privileges of all applications currently running on the device so that they can modify any files on the phone. Operating systems modified in this way, however, need to be restarted before the user can launch any other applications. More detailed descriptions of the hack can be found at Finestfones and Symbian Freak.
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
