WebOS hacked? vCard bug / exploit?

**konsole** · 08/12/2010, 02:44 PM

Oh lawdy I don't believe my eyes:

http://www.zdnet.co.uk/news/security...alls-40089807/

A weakness in the Palm Pre operating system could allow remote bugging of the device, according to a British security company.

A specially-crafted vCard, or virtual business card, could be used to exploit the vulnerability in the Palm Pre's WebOS operating system as the handheld does not employ any security measures, Basingstoke-based WMR InfoSecurity said on Wednesday.

The company discovered that a malicious vCard can be transferred to the phone using SMS, Bluetooth or via the web browser. Simply viewing the vCard is enough to fully compromise the business-focused handheld, which results in the intruder being able to remotely bug the device, it said.

**konsole** · 08/12/2010, 02:51 PM

I saw this posted on ZDNet. Please read.

*mod kindly fixed thread for me*

**ryleyinstl** · 08/12/2010, 02:57 PM

<<Threads Merged>>

**JED-WEB-OS** · 08/12/2010, 04:27 PM

I am a Verizon User and do not have the 1.4.5 upgrade as yet so I am vulnerable but I like the odds that anyone would bother to build a malicious Vcard for this small an operating system.

**SmoothCriminal** · 08/12/2010, 04:45 PM

I am also a Verizon user, so that means my Palm Pre Plus is still vulnerable because I don't have 1.4.5. I highly doubt anyone is trying to hack my Pre Plus, but I still don't like the thought that someone could. Maybe someone could make a patch for Verizon and ATT users to fix this issue???

**canderoc** · 08/12/2010, 05:04 PM

Let's rename the thread:
"Verizon Risks Users' Safety by Delaying Release of WebOS Update"

Thread Tools

Display

Posting Permissions