My article, Retrospective: 10 security blunders, about blunders in IT security has been published at TechRepublic in the IT Security weblog. In my SOB entry titled Closed-source glitz — missing the point, I posted a comment in the ensuing discussion in which I said:
[The Eee PC is] only about four times the size of an iPhone — and doesn’t suffer from the impressive flaws of the iPhone (see an upcoming article of mine about blunders in TR’s IT Security weblog).
That’s where the security blunders article comes in. In it, I had this to say about the iPhone:
The iPhone runs everything as root: As Wired put it, IPhone’s Security Rivals Windows 95. This is very bad — and, of course, the root password for the iPhone was cracked in just three days. It had to happen eventually. To be fair, Windows Mobile devices all run everything as the administrative user as well, but this is not exactly unexpected (so it’s less notable). Credit to the fine folks at Metasploit for figuring it out, and figuring out how to make use of that fact.
See the article (linked at the beginning of this SOB entry) for relevant links and more fun IT security blunders of the 21st century.