iPhone cracked in 20 seconds

You can expect to see lots of smug reports from anti-Apple hacks today about how the iPhone was hacked in just 20 seconds.

As usual, CanSecWest's infamous Pwn2Own hackfest will generate hundreds of posts wittering on about how the iPhone's security is garbage after a pair of European 'researchers' managed to trick the holy handset of Cupertino into giving up all of its digital goodies.

What most of them won't tell you is that the duo came to the table with the hack fully formed and that it had taken them two weeks of solid slog to develop. A bit longer than 20 seconds in our book.

They probably won't even mention that the security flaw was dependent on a user going to a rigged website and doing some pretty stupid stuff whilst there.

The hack, which steals the handset's SMS database, including messages which have apparently been deleted, found a way of bypassing Apple's code-signing routines to exploit privileges assigned to a non-root users called 'mobile'.

"Apple has pretty good counter-measures but they are clearly not enough. The way they implement code-signing is too lenient," said one of the hackers before collecting his $15,000 prize money as well as a nice shiny new iPhone... which he obviously won't be using because of its shoddy security.