A ping of death for the iPhone
Thursday, July 23, 2009 at 5:16PM 
The release of the 3rd generation of the iPhone was the reason for me to rush to the TMobile store to get the 32G version. I had to wait for about one week first, but finaly got one, and I love it! But there is one thing that worries me a bit. I was able to remotely drain the battery in 30-45 minutes, just by pinging the public IP address, assigned by TMobile, to the GPRS/3G interface of the phone. Is your battery draining for no reason? Is your iPhone running hot when in standby modus? Then read on...
I was curious to see what IP address I was using during 3G networking. It turns out that on the Dutch TMobile network you are assigned a random IP within a block of TMobile mobile internet users. You can check this out by going to a site like whatsmyip.org, or installing the iStat app, which also shows you the 'cell IP' of the iPhone. To see if my iPhone was pingable, I issued the ping command on the OSX terminal on my MacBook, to which it responded. I was also be able use an app like Datacase, to share documents over the internet via FTP and HTTP from my iPhone. An Nmap to the device even reported that port 21 was open. Wtf? In other words, there is nothing between your device and the evil outside world when you switch on your iPhone, at least on the TMobile network in the Netherlands. Scary stuff.
When I was done experimenting, I noticed after 30 minutes that my fully charged iPhone ran a little hot and the battery suddenly was as good as empty, even though I had put it to rest by pressing the top button. It turned out that the ping I did half an hour before on my MacBook was still running and had kept the 3G module alive, sucking the energy from my phone. Crap!
I tried the same thing with a Nokia E71 on the same network, but this trick did not work. The E71 switches the 3G networking on when needed, for instance when the browser starts. Close the browser, and the device goes offline. I haven't tried other phones yet, but I'm curious to see how an Android reacts...
So, how could an attacker do harm to you and me remotely? Well, I used a nice tool called xprobe to do a remote ICMP fingerprint of the OS. One run of the tool against my public iPhone IP showed that the device was probably "Apple Mac OS X 10.3.x". Apparently, the iPhone responded with OSX characteristics. Easy catch! Someone can just scan the IP block with xprobe, and ping all iPhones he finds to death. Another, more targeted approach would be to lure you to his webserver, tailing and grepping his logs to see if any iPhones come along and then ping the device to death. He could also send you an email, containing a remote image to do this. Remote image loading is switched ON by default on the iPhone Mail app, so this method would be easier. Why would someone do this? For fun? An iPhone hater? Or just because?
Other networks in the Netherlands that offer GPRS/3G do not seem to be vulnerable to this problem because of the use of NAT or blocking inbound traffic. I hope that TMobile will do the same soon. Please share your experiences on other networks here.
Reader Comments (72)
Rashard Mendenhall Jersey, Mike Iupati Jersey, Patrick Willis Jersey, Percy Harvin Jersey, Mike Wallace Jersey, Michael Turner Jersey, Michael Vick Jersey, cheap jerseys, Michael Crabtree Jersey, Michael Oher Jersey, Maurice Jones-Drew Jersey, Ndamukong Suh Jersey, Matthew Stafford Jersey, wholesale jerseys, Pierre Garcon Jersey, Philip Rivers Jersey, Nnamdi Asomugha Jersey, Miles Austin Jersey, Pierre Thomas Jersey, Peyton Manning Jersey, Cheap NFL Jerseys
cheap nfl jerseys, Sam Bradford Jersey, Adrian Peterson Jersey, cheap jerseys, Anthony Davis Jersey, Arian Foster Jersey, Austin Collie Jersey, Santonio Holmes Jersey, Andre Johnson Jersey, Ben Roethlisberger Jersey, Roy Williams Jersey, Aaron Curry Jersey, Shonn Greene Jersey, nfl jerseys wholesale, Aaron Rodgers Jersey, Brandon Marshall Jersey, Brent Celek Jersey, Antonio Gates Jersey, Anquan Boldin Jersey, Sean Taylor Jersey, Brandon Jacobs Jersey
<LI>Calvin Johnson Jersey, <LI>Brian Urlacher Jersey, <LI>Brian Cushing Jersey, <LI>Carson Palmer Jersey, <LI>Chad Ochocinco Jersey, <LI>wholesale nfl jerseys, <LI>cheap jerseys, <LI>Taylor Mays Jersey, <LI>Sidney Rice Jersey, <LI>Brett Favre Jersey, <LI>Charles Woodson Jersey, <LI>C.J. Spiller Jersey, <LI>Cedric Benson Jersey, <LI>Terrell Owens Jersey, <LI>Brian Dawkins Jersey, <LI>nfl jerseys wholesale, <LI>Brian Orakpo Jersey, <LI>Chris Johnson Jersey, <LI>Steven Jackson Jersey, <LI>Chris Cooley Jersey, <LI>Chad Henne Jersey
Terrell Suggs Jersey, Tim Tebow Jersey, Darren Sharper Jersey, Darnell Dockett Jersey, DeAngelo Williams Jersey, DeMarcus Ware Jersey, Darrelle Revis Jersey, Tom Brady Jersey, wholesale nfl jerseys, David Garrard Jersey, Darren McFadden Jersey, Deion Sanders Jersey, DeSean Jackson Jersey, cheap jerseys, wholesale jerseys, Dallas Clark Jersey, Tony Gonzalez Jersey, Todd Heap Jersey, Darren Sproles Jersey, Chris Wells Jersey, Clay Matthews Jersey
beats by dr dre lady gaga headphones
black
beats by dr dre lady gaga headphones
silvery
Monster Butterfly by
Vivienne Tam with ControlTalk High Performa
monster diddybeats in-ear
headphones with controltalk black
monster diddybeats in-ear
headphones with controltalk pink
monster diddybeats in-ear
headphones with controltalk white
monster miles davis tribute
high performance in-ear speakers
monster-turbine-pro-copper-professional-
in-ear-speakers
monster justbeats Headphones In-Ear
128670
ibeats High Performance In-Ear Headphone
Beats By Dr. Dre iBeats
With ControlTalk In-Ear Headphones In Wh
Beats By Dr. Dre iBeats
With ControlTalk In-Ear Headphones in Sl
dr dre beats diddy beats in-ear
headphones
helifang1028
Authentic Joe Flacco Jersey, Authentic Jason Witten Jersey, Authentic Jeremy Maclin Jersey, Authentic Johnny Knox Jersey, Authentic Hines Ward Jersey, Authentic Frank Gore Jersey, Authentic LaDainian Tomlinson Jersey, Authentic Heath Miller Jersey, Authentic Mike Wallace Jersey, Authentic Fred Jackson Jersey, Authentic Frank Gore Jersey, Authentic Eli Manning Jersey, Authentic Mark Sanchez Jersey, Authentic LaMarr Woodley Jersey, Authentic Michael Vick Jersey, Jerseysusa.com, Authentic Justin Smith Jersey, Authentic Hakeem Nicks Jersey, Wholesale Jerseys USA, Authentic Greg Jennings Jersey, Authentic Matt Schaub Jersey, Jerseys USA, Authentic Mark Ingram Jersey, Authentic Jacoby Ford Jersey, Authentic Jimmy Graham Jersey, Authentic LeSean McCoy Jersey, Authentic Maurkice Pouncey Jersey, Authentic Justin Smith Jersey, Authentic Jay Cutler Jersey, Authentic Eli Manning Jersey, Authentic Marques Colston Jersey, Authentic Mark Ingram Jersey, Authentic Michael Bush Jersey, Authentic Marques Colston Jersey, Authentic James Harrison Jersey, Authentic Jermaine Gresham Jersey, Authentic Julius Peppers Jersey, Authentic Lance Briggs Jersey, Authentic Hakeem Nicks Jersey, Authentic Jordy Nelson Jersey, Authentic Dustin Keller Jersey, Authentic Jimmy Graham Jersey, Authentic Jermaine Gresham Jersey, Authentic Jahvid Best Jersey, Authentic Matthew Stafford Jersey, Authentic Jason Pierre-Paul Jersey, Authentic Matt Forte Jersey, Jerseysusa, Authentic Haloti Ngata Jersey, Authentic Jason Pierre-Paul Jersey
helifang1121
Rubber Duck
Snowjoggers sale
Rubberduck Snowjoggers
reviews
cheap
snowjoggers
Buy Rubberduck Brand
Snowjoggers
Rubberduck Brand
Snowjoggers
Rubber Duck
Snowjoggers sale
cheap
snowjoggers
rubber duck
snowjoggers classic
rubber duck brand
snowjoggers
rubber duck
snowjoggers
rubber duck
snowjoggers reviews
cheap rubber duck
snowjoggers
rubber duck
snowjoggers classic
rubber duck
snowjoggers classic sale
snowjoggers for
men
Cheap Rosetta
Stone
Rosetta Stone
Spanish
Rosetta Stone
French
Rosetta Stone
Chinese
Rosetta Stone
Japanese
Rosetta Stone
Software Languages
Discount Rosetta
Stone Software Languages
Discount Rosetta
Stone
Rosetta Stone
Reviews
Learn french
Software
Learn Spanish
Software
Learn Chinese
Software
Learn Japanese
Software
GHD Hair Straightener
Cheap GHD Hair
Straightener
Ghd Hair Straightener
Wholesale
Ghd Hair Straightener
where to buy
GHD Flat
Iron
Best Flat Irons
2011
Best Flat
Irons
Buy Flat
Irons
Cheapest Flat
Irons
The Best Irons
For Hair
The Best
Irons
babyliss hair
straighteners
cheap babyliss hair
straighteners
Babyliss
Hairdryer
Babyliss Curling
Irons
Wholesale
Babyliss
Babyliss Pro
Irons
Babyliss Pro tt
Best Babyliss
babyliss ceramic pro
hair dryer
babyliss ceramic flat
iron
babyliss ceramic
babyliss flat iron
babyliss pro 1
inch
helifang1121
Monster By Dr Dre HD Studio Headphones Red
Monster By Dr Dre HD Studio Headphones Black
Monster By Dr Dre HD Studio Headphones White
Monster Dr Dre Studio HD Headphones Blue
Monster Dr Dre Studio HD Headphones Glod
Monster Dr Dre Studio HD Headphones Pink
Monster Dr Dre Studio Red Diamond Limited Edition Headphon
Monster Dr Dre Studio White Diamond Limited Edition Headph
Monster Dr Dre Pro HD Headphones Black
Monster Dr Dre Pro HD Headphones White
Monster Solo Headphones Black
Monster Solo Headphones white
Monster Solo Headphones graphite
Monster Solo Headphones red
Monster By Dr Dre HD Studio Headphones yellow
By Dr Dre Studio Red Sox Edition Headphones
Monster By Dr Dre Studio Kobe Bryant Headphones
Monster By Dr. Dre Studio Headphones Ferrari-Limited Editi
ykwyy-clj1206
Patrick Willis 49ers authentic Jersey, Ahmad Bradshaw Jersey, Hines Ward Jersey, Eli Manning Jersey, Miles Austin Jersey, Arian Foster Jersey, Dustin Keller Jersey, Clay Matthews packers Jersey, randall cobb packers jersey, wholesalejerseyschina.us, Calvin Johnson Authentic Lions Jersey, Plaxico Burress Jersey, Drew Brees Authentic Jersey, Rob Gronkowski Patriots Jersey, aaron rodgers jersey packers, DeMarcus Ware Jersey, Michael Bush Jersey, nick collins jersey authentic, jordy nelson packers jersey, Carson Palmer Raiders Jersey, Matthew Stafford Authentic Lions Jersey, Jason Witten Jersey, aaron rodgers jersey authentic, Ray Lewis Jersey, Jonathan Stewart Jersey, Darren McFadden Raiders Jersey, Brian Urlacher Jersey, Santonio Holmes Jersey, Dez Bryant Jersey, Frank Gore 49ers authentic Jersey, Cam Newton kids nfl Jersey, Ben Roethlisberger Jersey, jordy nelson jersey, wholesale jerseys china, Clay Matthews Jersey, Victor Cruz Jersey, Darren McFadden Jersey, Jacoby Ford Jersey, James Harrison Jersey, Andre Johnson Jersey, Jimmy Graham Authentic Jersey, Aaron Rodgers Jersey, Hakeem Nicks Jersey, Nick Collins Jersey, Tom Brady Patriots Jersey, Authentic Victor Cruz Jersey, DeMarco Murray Jersey, Sebastian Janikowski Jersey, Maurkice Pouncey Jersey, Torrey Smith Jersey, Mark Sanchez Jersey, Carson Palmer Jersey, Darrelle Revis Jersey, Steve Smith Jersey, DeAngelo Williams Jersey, Devin Hester Jersey, Dez Bryant Jersey, Tony Romo Jersey, Jason Pierre-Paul Jersey, Victor Cruz Jersey giants, Cam Newton Jersey, Aaron Rodgers Jersey
Justin Smith authentic Jersey, Wes Welker Patriots Jersey, Joe Flacco authentic Jersey, Von Miller Jersey, Mike Wallace Steelers Authentic Jersey, Matthew Stafford Authentic Jersey, Willis McGahee Jersey Cheap, Tim Tebow Jersey, Troy Polamalu Jersey, Torrey Smith Jersey, Michael Crabtree authentic Jersey, Tim Tebow Jersey Cheap, Jordy Nelson Jersey, Ndamukong Suh Authentic Jersey, Rob Gronkowski Patriots Jersey, Wholesale Jerseys China, Troy Polamalu Steelers Authentic Jersey, Jordy Nelson Jersey, Tom Brady Patriots Jersey, Ray Lewis authentic Jersey, Julius Peppers Jersey, Johnny Knox Jersey, Miles Austin Authentic Jersey, Nick Fairley Authentic Jersey, Plaxico Burress Jersey, Mark Sanchez Jersey, Authentic Tim Tebow Jersey, tim tebow jersey women, LaDainian Tomlinson Jersey, Von Miller Jersey Cheap, Terrell Suggs Jersey, Von Miller Jersey, Randall Cobb Jersey, Victor Cruz Jersey Authentic, Nick Collins Jersey, Tony Romo Authentic Jersey, Victor Cruz Jersey, Sean Lee Jersey, Willis McGahee Jersey, Tim Tebow Stitched Jersey, tim tebow jersey sales, von miller jersey shirt, Cheap NFL Jerseys, Patrick Willis authentic Jersey, Ray Lewis Jersey, Mario Manningham Jersey, packers Clay Matthews Jersey, Willis McGahee Jersey
Darrius Heyward-Bey Jersey, Wes Welker Patriots Jersey, Torrey Smith authentic Jersey, Hakeem Nicks Jersey, Authentic Mark Ingram Jersey, calvin johnson authentic jersey, Jimmy Graham Jersey, J.J. Watt Jersey, Brian Urlacher Jersey, ndamukong suh authentic jersey, authentic carson palmer jersey, packers Clay Matthews Jersey, Nick Fairley Jersey, Authentic Marques Colston Jersey, Mike Wallace Authentic Jersey, Sean Lee Jersey, Jacoby Ford Jersey, Ray Lewis Jersey, Authentic Tim Tebow Jersey, Brian Cushing Jersey, Tom Brady Patriots Jersey, Carson Palmer Jersey, Cheap Jerseys China, authentic drew brees jersey, Michael Crabtree authentic Jersey, Aaron Rodgers Jersey, Terrell Suggs Jersey, Frank Gore authentic Jersey, Torrey Smith Jersey, authentic jimmy graham jersey , Miles Austin Jersey, Patrick Willis Jersey, B.J. Raji Jersey, Joe Flacco authentic Jersey, Randall Cobb Jersey, Ray Lewis authentic Jersey, Dez Bryant authentic Jersey, Devin Hester Jersey, Drew Brees Jersey, Troy Polamalu Authentic Jersey, Eli Manning Jersey, Haloti Ngata Jersey, Darrelle Revis Jersey
<p>NBA Snapback Hats
Snapback Hats Online
MLB Snapback Hats
Authentic Snapback Hats
http://www.officialsnapbackhat.com/snapback-hats-mlb-snapback-hats-c-1_33.html
http://www.officialsnapbackhat.com/snapback-hats-nba-snapback-hats-c-1_2.html</p>
<p>Snapback Hats Cheap
Last Kings Clothes
Last Kings Snapback Hats
Blank Fitted Hats
Cheap Jerseys Wholesale
Snapback Hats For Sale
Wholesale Snapback Hats
Obey Snapback Hats
http://www.snapbackshatscheap.com/cheap-jerseys-cheap-nfl-jerseys-c-129_130.html
http://www.snapbackshatscheap.com/fitted-hats-c-126.html
http://www.snapbackshatscheap.com/clothing-last-kings-clothes-c-122_123.html</p>
<p>CHI Flat Irons
CHI Flat Iron Official Website
CHI Flat Iron
CHI Hair Products
Official CHI Flat Iron Site</p>
<p>Wholesale Snapback Hats Blank
MLB Snapback Hats
NBA Snapback Hats
CHINA Snapback Hats
http://www.wholesalesnapbackhatschina.com/
http://www.wholesalesnapbackhatschina.com/mlb-snapback-hats-c-1.html
http://www.wholesalesnapbackhatschina.com/nba-snapback-hats-c-6.html
http://www.wholesalesnapbackhatschina.com/nfl-snapback-hats-c-8.html
http://www.wholesalesnapbackhatschina.com/nhl-snapback-hats-c-13.html</p>
<p>www.officialsnapbackhats.com
www.wholesalesnapbackshats.com
www.wholesale-snapbackhats.com
www.wholesalesnapbackcaps.com</p>