Two veteran hacker teams managed to successfully crack Apple’s iPhone and RIM’s BlackBerry during Pwn2Own 2011.
The iPhone was hacked by Charlie Miller and Dion Blazakis, who exploited a flaw in the Mobile Safari web browser which subsequently facilitated easy access to the phone’s address book.
Similarly, Vincenzo Iozzo, Willem Pinckaers and Ralf Philipp Weinmann used a number of flaws in BlackBerry’s WebKit-based browser to visit a specially coded website and compromise the device.
Still, the talented trio conceded the attack was difficult to execute, as the latest BlackBerry OS lacks public documentation and software tools.
“Even after finding the initial security flaw, converting this into a useful exploit was difficult,” explained Peter Bright of Ars Technica.
“They had to chain together three separate flaws to achieve a successful compromise, using information garnered from two information disclosure issues in conjunction with a third integer overflow flaw to run their exploit code.”