This week’s TidBITS and Macintouch publications have short articles on iPhone Internet security issues.

1. 
   

TidBITS has a short and sweet article by Rich Mogull on “iPhone Security Tips.” In it, Rich recommends some important common-sense practices:

1. 
   

2. • Setting a passcode in case of loss, especially if there’s anything at all confidential on the phone
   

3. • Not having the phone remember and try to automatically connect to open wireless networks, which could be set up by hackers to spy on or attempt to spoof you.
   

4. • Using the iPhone’s built-in VPN support where possible.
   

5. 
   

The article concludes by echoing our book’s statements about Physical Security First, pointing out that “keeping an iPhone safe is more about not leaving it in a cab or knocking it onto a hard floor than encrypting every bit of data in and out.”

1. 
   

As far as Macintouch, the publication is reporting on a somewhat old denial-of-service vulnerability for which there are exploit sites available. The exploit looks surprisingly simple, and ends up crashing your iPhone. In theory, it could do even worse by taking your phone over. It’s not clear if Apple has fixed this vulnerability since it first surfaced (the 1.1.4 software release shipped since that time), or why Macintouch is reporting on it now.