This is why a managed SDK with sandboxed apps like the one Jobs proposes for February is going to be a lot better than opening up the device outright, like it or not. Since this is a hack done via a website, it's likely the 1.1.1 TIFF exploit that can be patched by a) installing Apple's 1.1.2 patch or hacking your 1.1.1 iPhone using the Jailbreakme.com installer website. The guy runs all this on a LAN, knowing IPs, but it wouldn't be hard to have malware ping home, either. Nothing to scoff at, but also not surprising given the unofficial nature of the apps developed so far, and maybe nothing to freak out over. [FC via CrunchHickey]