The real reason Apple updated the iPhone OS

When Apple released their update for the iPhone, most assumed that it was a general bug fix.  But, if you dig a bit deeper, there are some major security holes that are now plugged with the new update. 

Referring to an Apple support page, the page details some of the major bug fixes that could have allowed malicious code to be executed on the iPhone.  Apple specifically states that certain MP4 files, Tiff images and FTP sites could allow “arbitrary code execution”.  There was also a fix to a bug where a user with “physical access to a locked device may be able to access the user's data”.

Such exploits, if executed, could have been detrimental to a user’s data.  Corporations, specifically, are always looking for the most robust platform to keep their employees connected and still that title goes to Blackberry.  But, with Apple targeting the corporate business model too; it may not be too long before we see some companies adopt Apple’s iPhone. 

While it is always encouraging to see Apple patch bugs, it still goes to show that even Apple is prone to major security threats.  As the iPhone platform has grown exponentially, it is becoming a larger target for hackers. 

Report a problem with article
Previous Story

Google releases significant Nexus One software update

Next Story

Microsoft confirms Office 2010 has reached the Release Candidate stage

41 Comments

Commenting is disabled on this article.

Don't be fooled - Apple released this update to close off the entry point for all current jailbreaks. None of the current jailbreak methods can penetrate 3.1.3 - yet.

v3.1.3 is being pushed when doing a restore. the shift-restore and selecting the previous firmware file will come back with an error when trying to get the server side validation :-(

"it still goes to show that even Apple is prone to major security threats"

How, exactly? Apple has always been prone to major security threats. Why do you think they constantly release security updates for their software??? It doesn't exaclty match the message of their advertising, but you'd have to be pretty foolish to think Apple is somehow exempt from security threats.

I wish I could get my business email on my iPhone, but our corporation only allows for blackberry to access office email. I think its possible now with the android since they now have touchdown app which allows access the same way as blackberry, but nothing for iPhone that I know of.

I'm starting to dislike the people of go on about iPhone users being fanbois.

I'm an iPhone user, but dislike everything else made by Apple...well not dislike more like find those items far far too expensive, including the iPhone. The only reason I own one, over everything else, is because my Wife gets a discount on O2, if it wasn't for that I would have got an Android device.

The iPhone does everything I want in a nice clean way, its not even close to a perfect all-rounder handheld device, but nothing is. Yes it got problems, so do others and for me it does the job.

Pabs(Sco) said,
I'm starting to dislike the people of go on about iPhone users being fanbois.

I'm an iPhone user, but dislike everything else made by Apple...well not dislike more like find those items far far too expensive, including the iPhone. The only reason I own one, over everything else, is because my Wife gets a discount on O2, if it wasn't for that I would have got an Android device.

The iPhone does everything I want in a nice clean way, its not even close to a perfect all-rounder handheld device, but nothing is. Yes it got problems, so do others and for me it does the job.

It's by Apple. Even if you defend Apple in any sense (even rationally) you're going to be called a fanboy. I've seen Mark get called an Apple fanboy countless times here, and he doesn't even use their products.

I reckon my iphone has been the coolest phone/toy since i first touched a windows mobile (cough*hack) ... although, i am starting to seriously steer towards the Nexus One..... played with one, was a little saddened to have to go back to my iphone.... wish apple would make them more customisable...the UI functions brilliantly... but i want more flair!!! I might actually wait till apple releases OS 3.2 ....

I'm not a hater - but I don't understand all the fuss about the iPhone. What's the big deal? I'm personally a BlackBerry user.

nodii said,
I'm not a hater - but I don't understand all the fuss about the iPhone. What's the big deal? I'm personally a BlackBerry user.

Give it a whirl, if you have a friend / family with one, see if you can play with it for about an hour. If you don't like it then thats fair enough, always give things one balanced go, what have you got to lose.

I say the same to people with iPhones who wish to try blackberrys or android devices. See if you can borrow one and give it a play, don't be put off by what others say.

nodii said,
I'm not a hater - but I don't understand all the fuss about the iPhone. What's the big deal? I'm personally a BlackBerry user.

Personally the first iPhone wasn't anything special in my eyes. The iPhone 3G (OS2) introduced Exchange Mail which is when I started to look at them. I've always been an avid Nokida fan until then. Personally I find the iPhone great. It's maybe basic in what it can do but the phone just works so well and with ease. The introduction of the App Store also resolved most of the issues where people wanted 3rd party apps on their phone. I think to put it into perspective look at all the copy cat phones that are out now. Not a bad start for a company that never manufactured a phone previously.
Hopefully there will be some better alternatives to the iPhone in the future but for now Apple have won me over, even if I dislike Apple as a company. Not to mention their stupid prices!

nodii said,
I'm not a hater - but I don't understand all the fuss about the iPhone. What's the big deal? I'm personally a BlackBerry user.

Well personally, I like both the BlackBerry and the iPhone. Apple does certain things well (e.g. 140 000+ apps, world class multimedia, world class web browsing, and the best mobile gaming experience) and BlackBerry does well in other areas (consumes less bandwidth, more secure, more business friendly, and of course, BBM). It's all about choosing the device that better suits your needs.

Funny telling Apple good job when they tried to hide certain updates...

Now that the details are out, here comes the hackers with their attacks since they now know about them. Curious how many iPhone users will get attacked, if many at all. Lots of people either dont know, or dont bother to update their phones.

apple never say they are fixing the security hole which makes people believe that they are without security risk.
apple should be open about this.

still1 said,
apple never say they are fixing the security hole which makes people believe that they are without security risk.
apple should be open about this.

What & make the masses think Apple products are less than the pinnacle of perfection? Apple are too image conscious to prominently include security fixes in their changelog unless said vulnerability has been in the media.

still1 said,
apple never say they are fixing the security hole which makes people believe that they are without security risk.
apple should be open about this.

Yes, they do. They commonly announce this with point releases for OS X, for example.

I dunno if I've say BlackBerry is most secure, didn't they get **** awhile back for not wiping peoples data before redistributing them as refurbished? Plus they route all emails through their servers first so they can 'push' it. For the paranoid I would think BlackBerry would be one of the worst. Although this was awhile ago and might have changed since.

julianbl said,
he, this title is not going to be seen on engadget.

+1

Plus they turned comments off cause everyone and their mother was bashing the iFail... ermm iPad I mean...

It's amazing at how almost every piece of software and hardware has had an exploit associated with TIFFs.

Edited by Xilo, Feb 3 2010, 4:37am :

Xilo said,
It's amazing at how almost every piece of software and hardware has had an exploit associated with TIFFs.

It's a REALLY old format so the public domain source code to read these files is equally old. 8)

Edited by excalpius, Feb 3 2010, 9:29pm :

Is it not an axiom of open source that more eyes, the more secure it is? For as long as TIFF has been around, with that many eyes, you would think that it would be bullet-proof by now.

Not sure if that says a lot about Apple releasing old code with security holes, or the argument that OSS is more secure.