Palm WebOS Hacked Via SMS Messages

gondaba writes "Security researchers at the Intrepidus Group have hacked into Palm's new WebOS platform, using nothing more than text messages to exploit a slew of dangerous web app vulnerabilities. The white hat hackers found that the WebOS SMS client did not properly perform input/output validation on any SMS messages sent to the handset, leading to a rudimentary HTML injection bug. Coupled with the fact that HTML injection leads directly to injecting code into a WebOS application, the attacks made possible were quite dangerous (especially considering they could all be delivered over an SMS message)."

Lol

[Codename Dutchess]

These are always my favorite posts to read. Nothing like hiring 12 year olds to code your software.

Re:Lol

[FatdogHaiku]

Obligatory XKCD [xkcd.com]

Re:Lol

[Anonymous Coward]

Obligatory post pointing out that nobody cares what an AC says ... including this post.

Re:Lol

[bhtooefr]

Obligatory post pointing out that funny doesn't give karma.

Re:WebOS 1.4

[X0563511]

Indeed. I actually jumped into the developer's IRC channel to check in on this, and one of them told me about it being fixed already.

I felt like an ass. Thanks, Slashdot.