Glasgow Daily Times, Glasgow, KY

Business

June 4, 2012

For hackers, software flaws offer keys to government, business computers

Charlie Miller prepared his cyberattack in a bedroom office at his Midwestern suburban home.

Brilliant and boyish-looking, Miller has a PhD in math from the University of Notre Dame and spent five years at the National Security Agency, where he secretly hacked into foreign computer systems for the U.S. government. Now, he was turning his attention to the Apple iPhone.

At just 5 ounces and 4 1/2inches long, the iPhone is an elegant computing powerhouse. Its microscopic transistors and millions of lines of code enable owners to talk, send email, take photos, listen to music, play games and conduct business, almost simultaneously. Nearly 200 million iPhones have been sold around the world.

The idea of a former cyberwarrior using his talents to hack a wildly popular consumer device might seem like a lark. But his campaign, aimed at winning a little-known hacker contest last year, points to a paradox of our digital age. The same code that unleashed a communications revolution has also created profound vulnerabilities for societies that depend on code for national security and economic survival.

Miller's iPhone offensive showed how anything connected to networks these days can be a target.

He began by connecting his computer to another laptop holding the same software used by the iPhone. Then he typed a command to launch a program that randomly changed data in a file being processed by the software.

The alteration might be as mundane as inserting 58 for F0 in a string of data such as "0F 00 04 F0." His plan was to constantly launch such random changes, cause the software to crash, then figure out why the substitutions triggered a problem. A software flaw could open a door and let him inside.

"I know I can do it," Miller, now a cybersecurity consultant, told himself. "I can hack anything."

Text Only
Business