Charlie Miller Wins At Pwn2Own Conference Again By Hacking iPhone 4


At the Pwn2Own computer hacking contest held at the annual CanSecWest security conference, Charlie Miller has won another award for successfully hacking the iPhone 4. Miller used a flaw in the mobile version of Safari to swipe the address book from the phone.

Miller surfed to a rigged website on a mobile version of Safari and tried to do a drive-by exploit. The iPhone browser had crashed, but once it relaunched Miller could hijack the address book from the phone. This hack works on iOS 4.2.1, but won’t work on iOS 4.3. Apple added ASLR (address space layout randomization) to iOS 4.3 which means that hackers will have a hard time penetrating the system.

In 2007, Miller broke into a patched iPhone using a vulnerability in Safari. The hacked iPhone Safari browser was able to read SMS messages, the address book, call history, and voicemail data.

[ZDNet]

This article was written by Amit Chowdhry. You can follow me at @amitchowdhry or on Google+ at

Charlie Miller Wins At Pwn2Own Conference Again By Hacking iPhone 4 Comments

  1. Clash of Clans Gem Cheat says:

    I hardly write comments, however i did a few searching and wound up here Charlie Miller Wins At
    Pwn2Own Conference Again By Hacking iPhone 4.
    And I do have a couple of questions for you if it’s allright.
    Could it be only me or does it look as if like some of these remarks come across like they are left by
    brain dead folks? :-P And, if you are posting on additional places, I’d like to follow everything new you have to post.
    Could you list of all of all your community pages like your twitter feed, Facebook page or linkedin profile?

Leave a Comment