Stagefright-like Flaw Opens Up iPhones With An Image

Speaker/Bio

A simple image in .tif or .bmp format sent by iMessage can steal iPhone's information by triggering its image I/O API. On receiving an image, iMessage will automatically render it without any permission from the user. Thus the malicious code embedded in the image can be executed and cause overflow attack.

Abstract

Lake Bu is doing research with prof Karpovsky on developing reliability oriented error control codes. Most of his research is for the hardware security on data level. Recently he also starts to study the security oriented codes and their applications.