iPhone users now fear security patches, say analysts

Apple's decision last week to bundle an iPhone-crippling firmware upgrade with 10 security patches for the device was a mistake, analysts said Monday. Thursday's iPhone Update 1.1.1 included not only new features and functionality -- including access to the iTunes Wi-Fi Music Store -- but plugged holes in the device's built-in Safari browser, e-mail software, and Bluetooth implementation.

But it was the news that the update "bricked," or disabled, iPhones modified to work with networks other than AT&T that caught the attention of security analysts like Andrew Storms, director of security operations at nCircle Network Security. "With the iPhone update, Apple is now producing a fear of taking their patches," Storms said. "If they release a functionality update and security fixes at the same time in the future, some users will think twice about applying it. They'll ask themselves, 'What will it break this time?' Will it backfire on me?'

View: The full story
News source: InfoWorld

Report a problem with article
Previous Story

Microsoft Nears D-Day for VoIP Launch

Next Story

AMD to launch RV670 on November 19

14 Comments

Commenting is disabled on this article.

Uhhh...

It's like somehow installing Roxio EMC DE (Dell Edition) under Windows XP retail on a custom-built box. Do you still expect to get support or updates from Dell or Roxio?

So when the user buys a LOCKED iPhone, they agree to follow the terms of service and in turn, Apple and AT&T agree to offer support given that the phone's un-modified and operated within AT&T network (hence the term locked). The moment the phone has been modified, it's breach of contract on the user's part and it's no longer AT&T's or Apple's obligation to support that phone and they have every right to attempt protect/restore the original terms of use. The user with the modified phone can refuse to re-enter the original contract by choosing not to update the software.

All only makes sense.

Apple's not looking to making those who hacked their iPhones happy. If you have to spend another $400 because you hacked your last one and updated, it's all the more money for them. In the end, AT&T and Apple are both pleased by this, so why wouldn't they have done it?

Do you honestly think people are going to run out and spend another $400?

Ok, some are, but most are going to use another phone and wait for the next hack to fix their iphone.

Either way, it appears that apple is going out of their way to do this, which will just hurt longterm sales.

When you bought your iphone, you signed a contract to stay with AT&T for the life of the contract. You hack your way out of it, and you get what you deserve.

Unhacked iphones that end up bricked would be fully supported by Apple anyway, there are ways to read the chips onboard even if it doesnt boot.

FUD isn't really an article.

So what about when your contract is up? You paid for the devise, it's yours AFTER the contract expires. I think Apple has it planed to NOT UPDATE the 2 year old phones, or how ever old they'll be once the gig up. Because if they DID patch, and it bricked the phone, where would they be then?

Do you think they'll patch the phone? I'm betting not. "Sorry, you want the newest one.. go buy another." Why people buy into this crap, I'll never understand.

Looks like we need to focus on the relationship between the iPhones and AT&T than the user and AT&T. Personally I don't really think it's got much to do with one sticking to AT&T but the phone and software itself.

It's a locked phone so understandably AT&T is making a claim that the intellectual parts of the phone remain properties of AT&T and THIS very version of the hardware/software will only receive updates if it's being used with AT&T. So don't phone HP any more if you install their version of Windows Vista on your ASUS laptop.

<If you ask me, it was pathetically stupid for Apple to block these firmware hacks. >

Why? If I alter something on my new TV and it breaks it I'm sol. If I swap out the EPROM chip in my new car and it cooks the engine the car maker will not honor the warranty. Why should iPhone owners get special treatment?

<But normal users have had issues with this update as well.>

And they should get all the help they need. Does anyone know what the failure rate has been with the iPhone?

wubi21 said,
<If you ask me, it was pathetically stupid for Apple to block these firmware hacks. >

Why? If I alter something on my new TV and it breaks it I'm sol. If I swap out the EPROM chip in my new car and it cooks the engine the car maker will not honor the warranty. Why should iPhone owners get special treatment?

But what if you do that and it works fine, then your TV manufacturer comes over to your house and puts an Axe through the screen?
That's (metaphorically speaking) more or less what Apple has done in this case.

<But what if you do that and it works fine, then your TV manufacturer comes over to your house and puts an Axe through the screen?>

I agree. Sorry, I chose a poor example.
However, as the poster below points out these people violated the contract. And I bet that is how Apple will get out of this.

wubi21 said,
<If you ask me, it was pathetically stupid for Apple to block these firmware hacks. >

Why? If I alter something on my new TV and it breaks it I'm sol. If I swap out the EPROM chip in my new car and it cooks the engine the car maker will not honor the warranty. Why should iPhone owners get special treatment?

<But normal users have had issues with this update as well.>

And they should get all the help they need. Does anyone know what the failure rate has been with the iPhone?


I'd say the failure rate would be pretty damn high, considering not even a month after they went on sale apple was already selling refurbed iphones.....thats a pretty quick turn around...i'd stay away from the crappy iphone like it was the plague

I wouldn't be surprised if normal users, who wouldn't even think to "hack" their phone, started getting worried about these updates.
I mean, lets face it, the odd user is BOUND to have trouble installing firmware updates, it's the kind of update that, in the event something goes wrong, could brick your device for a number of reasons (and not because the user has modified it), so Joe Average user is going to think "if my firmware update goes bad, what's to stop Apple just saying "well you shouldn't have modified it then" and leave me with an expensive door stop? I'd better not install any updates at all".

If you ask me, it was pathetically stupid for Apple to block these firmware hacks. Instead of penalising the user, they should have blocked the security holes that allowed this in the first place and gave their security team a slap.