Facebook and Dropbox Apps Vulnerable to Credential Theft
Eric Slivka (via Chris Adamson):
Wright outlines a number of different ways in which a malicious user could obtain the login credentials, including customized apps, hidden applications installed on public PCs, or hardware solutions such as a modified speaker dock that could siphon the data.
Apparently the USB vulnerability, which seems to me to be the most serious, only affects iPhones that don’t have a passcode set.
