1. They don't, SMART phones are literally just netbooks with a GSM/CDMA radio but a regular cellphone doesn't have the architecture to support malicious code. Once you understand this, it shouldn't be too hard to understand that hacking a smartphone is pretty similar to hacking a computer.
Most issues are going to be user side issues, requiring you, the user, to do some (seemingly benign) action to give the hacker permissions to do things that you don't want to give him. There was an issue a while back with people sending Unicode messages that caused iPhones to crash, this could actually be used to hack a phone if the circumstances allowed it [crashes might push things onto the stack which can then be called by other code]
3. In most cases, the problem is that the computer doesn't have good security policies. A computer that is connected to the internet but only has one program listening to port 80/443, and that program will only parse webpages in a virtual environment cannot be hacked. Hacking REQUIRES either a vulnerability in a program that is running on the machine and listening on a port; many such vulnerabilities are either implemented intentionally (such as giving a back door so people can work from home), are a result of people not locking down their systems [such as disabling SMB and all related services, or any service they don't actually use (like SSH)], or just bad programming.)
· 4 months ago