PSA: 7.0.6 Causing Brick in some devices

[acerace113]

If this was a big enough issue Apple would of pulled the OTA update. Updated two 4S using OTA and both were fine. My 5S was jailbroken so I had to restore it.


Sent from my iPhone 5S or 5th gen iPod Touch using Tapatalk

 

[cinematicme]

If this was a big enough issue Apple would of pulled the OTA update. Updated two 4S using OTA and both were fine. My 5S was jailbroken so I had to restore it.


Sent from my iPhone 5S or 5th gen iPod Touch using Tapatalk

I made the upgrade path fine as well, some people weren't so lucky.


Sent from my iPhone using Tapatalk

 

[cinematicme]

UPDATE: my friend Sam went to the apple store today with his bricked iPhone 5s, apple techs cited hardware failure, but didn't say the update caused it.

I for one think it did. Just like 5.1.1 caused some devices to brick.


Sent from my iPad using Tapatalk

 

[SwitchBeach]

I have updated two iPhones (a 5s and a 4s) and two iPad Minis (an original and a retina) OTA over WiFi and all of them are running fine.

 

[cinematicme]

I have updated two iPhones (a 5s and a 4s) and two iPad Minis (an original and a retina) OTA over WiFi and all of them are running fine.

I already said, limited number of devices. Just because you updated fine (so did I) doesn't mean it's not a real issue.


Sent from my iPhone using Tapatalk

 

[SwitchBeach]

I already said, limited number of devices. Just because you updated fine (so did I) doesn't mean it's not a real issue.

Nowhere in my post did I state that it wasn't "a real issue".

Are others not permitted to post their experience so that there is a fair assessment of the situation?

 

[Not Quite Right]

I already said, limited number of devices. Just because you updated fine (so did I) doesn't mean it's not a real issue.


Sent from my iPhone using Tapatalk

A real issue in the fact that you're not making it up yes, but an "URGENT PSA" it is not. Trying to scare people into not applying an important patch like 7.0.6 isn't a good idea at all. You do realize what this patch was for right? Apple will gladly repair, or replace an iPhone that was bricked by one of their updates. They won't replace your wiped out bank account, or repair your identity after its been stolen ...

 

[cinematicme]

I do know what it was for and I'd kindly appreciate it if you [redacted], considering every post you've made in this thread has been condescending. Maybe you should consider that you don't know everything. I do this for work, as in employed by, you know I get paid to know what I'm talking about.

And the SSL/OpenTransport bug can only be exploited in wifi range. Why would I try and scare people in to not updating? That makes no sense, it's a warning because it's happening often. Maybe a few thousand customers isn't a lot to you, but in my business it is.

There is no bank info stored on device, unless your stupid enough to have it in notes in plain text, or passbook.


Sent from my iPhone using Tapatalk

 

[Not Quite Right]

I do know what it was for and I'd kindly appreciate it if you **** off, considering every post you've made in this thread has been condescending. Maybe you should consider that you don't know everything. I do this for work, as in employed by, you know I get paid to know what I'm talking about.

And the SSL/OpenTransport bug can only be exploited in wifi range. Why would I try and scare people in to not updating? That makes no sense, it's a warning because it's happening often. Maybe a few thousand customers isn't a lot to you, but in my business it is.

There is no bank info stored on device, unless your stupid enough to have it in notes in plain text, or passbook.


Sent from my iPhone using Tapatalk

If you do this for a living then you should know what you're talking about but this is absolutely not true. The first-hop connection to the access point is only one part at the very beginning of a very long chain of components.

This issue is indeed a big issue as it effectively renders https and any other ssl-based connection useless.

SSL provides end to end security and validation. With this "bug" this protection and validation is lost. While public wifi is a primary concern it is by far not the only concern.

Many other vulnerabilities and points of attack would otherwise be mitigated by SSL. Those issues become much more important now since these are the cases that SSL is meant to help protect against. Everything between you and the site you are communicating with becomes a potential point of exploit with this bug.

Note the risk here is primarily one of theft, though well-crafted malicious actions could go further. There is a significant financial benefit for criminals to attempt to leverage this vulnerability quickly, and when successful the victim likely would not notice until it is too late.

 

[BreakingKayfabe]

Let's make our points in this thread without members telling other members to physically do something to themselves, please. Just keep it civil while making your points.

Also edited the thread title to remove "urgent."

 

[BLiNK]

oh boy

 

[ritesh]

What does PSA stand for? Just curious.
As long as it happens to I phone 5S, I guess it is all right,since they would be under warranty, but how come no one with I5 or I4's have reported this. A bricked phone for them would mean a new purchase, no?

 

[Septembersrain]

What does PSA stand for? Just curious.
As long as it happens to I phone 5S, I guess it is all right,since they would be under warranty, but how come no one with I5 or I4's have reported this. A bricked phone for them would mean a new purchase, no?

Public Service Announcement.

 

[cinematicme]

What does PSA stand for? Just curious.
As long as it happens to I phone 5S, I guess it is all right,since they would be under warranty, but how come no one with I5 or I4's have reported this. A bricked phone for them would mean a new purchase, no?

I don't believe so in cases like this, since apple is responsible for the update, if it bricks your device I would assume you'd be eligible for an out of warranty swap due to manufacturer error.

This issue has cropped up enough that a company wide memo went out about it yesterday. We've been in contact with Apple and we're instructed to forward anyone with this issue to an apple store for a replacement device, they didn't specify warranty though.


Sent from my iPhone using Tapatalk

 

[cinematicme]

If you do this for a living then you should know what you're talking about but this is absolutely not true. The first-hop connection to the access point is only one part at the very beginning of a very long chain of components.

This issue is indeed a big issue as it effectively renders https and any other ssl-based connection useless.

SSL provides end to end security and validation. With this "bug" this protection and validation is lost. While public wifi is a primary concern it is by far not the only concern.

Many other vulnerabilities and points of attack would otherwise be mitigated by SSL. Those issues become much more important now since these are the cases that SSL is meant to help protect against. Everything between you and the site you are communicating with becomes a potential point of exploit with this bug.

Note the risk here is primarily one of theft, though well-crafted malicious actions could go further. There is a significant financial benefit for criminals to attempt to leverage this vulnerability quickly, and when successful the victim likely would not notice until it is too late.

I'm aware, nothing you just posted couldn't have been found on any tech site. This bug has been present for a long time, dating back to iOS 6, so being all up in arms about it is pointless.

Also, SSL keys are breakable.

But that's not what this thread is about, at all. This isn't to discuss the content of the update, or why you should update.

I never stated NOT to update, it's an important update. I was making people aware of the issue, so they could be prepared in the worst case, ie the update bricks their device.

You can stop trying to educate me on SSL/OpenTransport and MitM attacks.


Sent from my iPhone using Tapatalk

 

[Not Quite Right]

I do know what it was for and I'd kindly appreciate it if you [redacted], considering every post you've made in this thread has been condescending. Maybe you should consider that you don't know everything. I do this for work, as in employed by, you know I get paid to know what I'm talking about.

And the SSL/OpenTransport bug can only be exploited in wifi range. Why would I try and scare people in to not updating? That makes no sense, it's a warning because it's happening often. Maybe a few thousand customers isn't a lot to you, but in my business it is.

There is no bank info stored on device, unless your stupid enough to have it in notes in plain text, or passbook.


Sent from my iPhone using Tapatalk

I was refuting your statements. To which I believe I did successfully. Just because you never literally came out and said "Don't update to iOS 7.0.6" is irrelevant. Your post "URGENT PSA" from the start implied it. There are people in this community that know more about technology than you & I put together, at the same time there are members that know little to nothing and come here for information, and to learn. They're the ones susceptible to a carelessly thought out post, and might not have applied a fairly important security patch because of fear of damaging their phones because of it.
A much better "PSA" would have been. Always apply security updates as soon as possible! If something bad happens to your iPhone during the update, Apple has and always will take care of you ...