Zero Day Attack

Charlie Miller spent five years at the National Security Agency where he hacked into foreign computer systems, so hacking the Apple iPhone is cakewalk to him:

Miller’s iPhone offensive showed how anything connected to networks these days can be a target.

He began by connecting his computer to another laptop holding the same software used by the iPhone. Then he typed a command to launch a program that randomly changed data in a file being processed by the software.

The alteration might be as mundane as inserting 58 for F0 in a string of data such as “0F 00 04 F0.” His plan was to constantly launch such random changes, cause the software to crash, then figure out why the substitutions triggered a problem. A software flaw could open a door and let him inside.

“I know I can do it,” Miller, now a cybersecurity consultant, told himself. “I can hack anything.”

After weeks of searching, he found what he was looking for: a “zero day,” a vulnerability in the software that has never been made public and for which there is no known fix.

It's a good thing that Miller actually hacked the iPhone to discover its security flaws so it can be fixed, but "zero day attack" is fast becoming a real nightmare for cyberspace.

The Washington Post has fascinating series of special reports on Zero Day, the first of which is by Robert O'Harrow Jr.: Link

Login to comment.

Email This Post to a Friend
"Zero Day Attack"

Separate multiple emails with a comma. Limit 5.


Success! Your email has been sent!

close window

This website uses cookies.

This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our Privacy Policy.

I agree
Learn More