Last week, at the black hat conference, the iPhone (and Android) devices were hacked
We implemented our injection framework for our three test platforms: iPhone OS, Android, and Windows Mobile. We believe that our approach for message injection can be easily ported to other smart phone platforms if these allow application level access to the serial lines of the modem or the ability to replace or add an additional driver that provides the serial line interface.
I did not know that at least three of the most open phones (relatively speaking) allow application level access to the serial lines of the modem without validation!
This is very odd(and I am trying to understand more)
I would have thought .. there is no way that phones will allow application level access to serial lines of the modem without validating that application in some way?
I am almost sure that Symbian does validate such applications .. but thought other platforms do as well