iPhone URL display poses potential security threat

Security research specialist Nitesh Dhanjani has demonstrated how mobile Safari’s ability to hide a web page’s URL can be used to trick users. Specifically, his proof-of-concept site shows a “fake” URL filed once the real one has been hidden, preventing users from realizing that they’re not looking at the site they intended to see.

Dhanjani goes on to note that, in situations where a URL filed should be visible, a hacker could simply present the fake one, tricking most users. He offers more detail on his blog, and says that he’s been in communication with Apple about the issue. You can check out a brief video of how the trick works after the break.

[Via MacObserver]

Continue reading iPhone URL display poses potential security threat

iPhone URL display poses potential security threat originally appeared on TUAW on Tue, 30 Nov 2010 13:00:00 EST. Please see our terms for use of feeds.

Source | Permalink | Email this | Comments

Leave a Reply

Your email address will not be published. Required fields are marked *