updated 08:00 am EDT, Sun August 7, 2011
10-year old girl uncovers smartphone vulnerability
A ten-year old hacker known as @CyFi has uncovered a zero-day exploit in iOS and Android games. The hack has been verified by independent researchers and has been classed as new vulnerability. The ten-year old girl who hales from California presented her findings at the DefCon 19 convention. She explained that she uncovered the hack in January this year as a workaround for farm-based games that took too long to progress.
In an interview with CNET, CyFi revealed her motivation:
"It was hard to make progress in the game, because it took so long for things to grow. So I thought, 'Why don't I just change the time?'"
The hack works on a number of games where it is possible to make faster progress by manually advancing the devices clock beyond real-time. Although some games are capable of blocking the hack, a number remain vulnerable to it.
Even those games that are geared to block such attacks were still vulnerable to work-arounds including disconnecting the device from Wi-Fi or by making subtle forward increments in the time.
Cy-Fi has chosen not to reveal which games are susceptible to the vulnerability as she hopes to give the vendors an opportunity to close off the exploit before it is detailed.