Is Your iPhone Vulnerable?
Posted on 07 July 2008, at 8:21 am, by Christopher Spera
I was on the train this morning, fighting sleep while reading through some RSS threads via ilium Software’s NewsBreak (love their apps…) when I noticed this. According to The Register, Apple hasn’t patched the iPhone for any security vulnerabilities since, like, February 2008.
The latest version of the software for the iPhone, 1.1.4, came out in February and is essentially a pared-down version of Mac OS 10.5, according to security researchers. As a result the Jesus phone is still vulnerable to an exploit demonstrated by Charlie Miller at the CanSec West security conference back in March. Miller used a bug in Apple WebKit, as used in versions of Safari prior to version 3.1.1, to win a $10,000 prize in the “Pwn to Own” contest at the conference.
This isn’t the only security problem the iPhone has, either. There are other, admitedly, not as critical flaws/bugs that, for example, might allow phishing attacks. Details of this vulnerability are being withheld until Apple can issue a patch to plug the hole.
Let me suggest this: Apple needs to get on the stick and insure that the v2.0 software update has all of this stuff plugged before the iPhone 3G goes GA this Friday, 11-Jul-08. The last thing I think Apple wants is something like this marring what could be the biggest hardware release of the year.
- Judie Lipsett: Thanks for the heads up Wayne, I just did the update…
- Christopher Gavula: I thought that 2.1 covered OS stability (app crashes) and this one seems to have focused on...
- aamp: Very useful review Dan. Would it be possible to include more pics of the other sides. A coupe of questions: -...
- Joel McLaughlin: Nice write up Dan! I need something like this.
- alex_kac: Funny, we use real boards. I know because I fractured my hand on one try where I got cocky.
- Wayne Schulz: I saw that review and wrote about it here: http://www.geardiary.com/20...
- pradley: There is a very lengthy review by Walt Mossberg in this morning’s WSJ: he describes a device with some...
- fyiguy: We use the same thing where I teach at nights. It’s much cheaper than real boards which are used for...
- Orion: My comments are merely my personal taste. I don’t doubt you get people who love it, Scott, which is to...
- khouryrt: *my post got cut in half* Anyway, you could also get womworld to send you a trial handset, but I believe...
- BlackBerry Bold OEM Desktop Charger
- Review - Epson WorkForce 600 Multi-Function Printer
- Review - Tributaries PWRS-T8/T1 Power Strip
- Devotec Solar Charger Review
- Review: Seattle Sling by Camera Armor
- Review: USBFever Foldable Multi Notebook Stand
- Holiday Gift Suggestions: the Etón FR150 Microlink or FR500 Solarlink Radios for the Survivalist
- Unboxing the HTC Touch Pro (Sprint Edition)
- Review: Norton Internet Security 2009
- E-TEN V900 WM6.1 Device Review
-
About MY Gear
Allen Hong
Announcements & News
Apple
Apple iPhone
Audio Visual Gear
Chris Spera
Contests & Giveaways
Cool Sites
David Goodspeed
Desktop Gear
Desktop Software
Diary Entries
Digital Music Player Gear
Doug Goldring
Event Reports
Grinding Gears
Home Tech
iPhone
iphone 3g
Joel McLaughlin
Judie Lipsett
Kerry Woo
Laptop Bags
Laptop Gear
Miscellaneous Gear
Mitchell Oke
Mobile Phone Gear
Mobile Phones
Offbeat
Palm Devices
Palm Software
PPC / Windows Mobile Professional Devices
PPC / Windows Mobile Professional Gear
PPC / Windows Mobile Professional Software
Rants and Raves
Reviews
Smartphone / WM6 Standard Software
Smartphones / WM6 Standard
Specifically Apple
Tips & Tricks
UMPC / Tablet PCs
Unboxing
Wayne Schulz
YouTube
