Amid all the recent buzz on iPhone 3.0 SMS vulnerability and other security concerns around the iPhone, one of the scarier stories revolves around the iPod Touch and how to turn it into a mobile penetration test tool.
The article dated August 5th in Dark Reading, describes the notion of “weaponizing” the iPod Touch. The weaponization according to Thomas Wilhelm from Colorado Technical University, “The iPhone Touch can also perform ARP spoofing and force nodes to use it as a gateway. “The coolest thing with the iPod Touch is that it can tell every computer in the network that it’s the gateway, and that when you talk to Google, you have to go through it,” Wilhelm says. “Then it captures all of the packets that go across the network.”” Why the iPod Touch? Because it’s small and can be carried into ANY facility without anyone knowing it.
Furthermore, it can be installed in stealth with some Home Depot parts that Wilhelm instrumented to give it infinite power, “It’s basically an electric box with an empty faceplate affixed to a wall to hide the iPod, which is plugged into the wall outlet.”
How do you solve this problem? Because the iPod Touch must connect wirelessly to the network, it will be transmitting so can be detected and located by a WIDLS (Wireless Intrusion Detection and Location System) like AirPatrol.
What if this were the iPhone instead of the iPod? Then any vulnerability scans can be immediately offloaded over the 3G network, undetected by ANY of the WIDS systems available in the market today unless it could also detect and locate cellular signals as well. Again, see AirPatrol.