Apple Fixes 911 Flaw in Latest iOS Update
March 30 2017 - 5:27PM
Dow Jones News
By Ryan Knutson
Among the changes in an iPhone software update Apple Inc.
released this week: a fix aimed at preventing cyberattacks on 911
centers in the U.S.
The vulnerability was exposed in October after an 18-year-old in
Arizona allegedly designed code that would cause iPhones to
repeatedly dial 911. A link to the code went viral on Twitter, as
teenagers began sharing it as a prank.
The incident, which was detailed in a Wall Street Journal
article, resulted in thousands of accidental 911 calls,
overwhelming operators in at least a dozen states across the
U.S.
The 18-year-old accused of writing the code, Meetkumar Desai,
was arrested last fall and charged with four felony counts of
computer tampering. His lawyer didn't respond to a request for
comment Thursday.
The code only triggered 911 calls from iPhones, exploiting a
feature in the smartphone's software that allows users to click on
a phone number and immediately initiate a call. Apple says the
update supersedes that capability and now requires users to always
press a second confirmation before initiating a call.
Apple says it initially worked with app developers to fix the
vulnerability, and this update will now prevent it from happening
even on apps that hadn't already fixed the issue.
For about two years, the Department of Homeland Security has
also been working on ways to prevent the kind of cyberattack that
overwhelmed 911 systems in October. Such attacks are relatively
simple -- all it takes is many devices dialing 911 at the same
time.
Homeland Security's research and development arm, known as the
Science and Technology Directorate, has been working with the
University of Houston and a company called SecureLogix Corp. to
identify and block repeated 911 calls designed to harm 911. Trials
are under way now.
A fix would be difficult to roll out, however. There are about
6,500 911 answering centers in the U.S., and a recent report by the
Federal Communications Commission found that only 420 of the
centers were part of a cybersecurity program. Each center is
managed by local jurisdictions, meaning there is no central
authority that can mandate changes across all centers.
Write to Ryan Knutson at ryan.knutson@wsj.com
(END) Dow Jones Newswires
March 30, 2017 17:12 ET (21:12 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Apple (NASDAQ:AAPL)
Historical Stock Chart
From Mar 2024 to Apr 2024
Apple (NASDAQ:AAPL)
Historical Stock Chart
From Apr 2023 to Apr 2024