iPhone Capabilities - Potential for Eavesdropping?
I just saw a post about some of the browser capabilities of the new iPhone, and there was one feature that caught my eye:
- new telephone links allows you to integrate phone calls directly from your webpage. remember this is only on safari.
The first thing I thought of was, “Wow, I hope that you can’t somehow execute those links automatically via JavaScript…”. Can you imagine if you browse to a page and your iPhone automatically dials the number of an attacker and listens in on a conversation you might be having? Combine an XSS vulnerability on a high-profile website and a couple of high-profile CEO’s that we _know_ have an iPhone and you could get some pretty interesting dirt!
That would be kind of bad…
Update: Hehe, see.
1 Comment so far
Leave a comment
True love sees past all that…
By Rnaston 06.20.07 8:34 am
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>