H D Moore today published details on exploiting the iPhone using the same vulnerability as the jailbreaks/unlockers. The exploit takes advantage of a vulnerability in the libtiff library for processing TIFF image files.
The exploit is now in Metasploit, which means someone with only the technical skills of an ex-analyst can exploit you via email or a web page with a special image file.
Apple will hopefully patch this quickly. The bad news is that the patch will kill all current attempts to load custom applications on the iPhone, but since the flaw is now remotely exploitable, the risk outweighs the reward.
Libtiff is a common library and this vulnerability was not unknown.
This demonstrates a big problem in locking down a popular system like the iPhone or the Sony PSP: the same techniques needed to customize the device can often be used to compromise its security. For a wildly popular device like the iPhone it seems to make sense to open it up to legitimate, safe developers.
This also proves that the excuse of locking the system down to protect the phone network (AT&T) is total bollocks, since it’s far from a perfectly secure system to start with.
Yes, I’m biased: I want custom apps on the iPhone I’ll probably eventually buy. Doesn’t mean I’m wrong…