By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
There’s a new worm in Australia that attacks jailbroken iPhones using the default SSH password. I.e. it only works if (a) your iPhone is jailbroken, and (b) you haven’t changed the default root password. Forbes’s Andy Greenberg waits until the fifth paragraph before mentioning this.
Update: Several readers point out that OpenSSH isn’t even installed by default when jailbreaking an iPhone. So that’s a third essential requirement to be vulnerable to this attack.
★ Monday, 9 November 2009