Apple to fix iPhone security flaw Saturday?

[redbeard]

Apple is set to release a software patch to address a recently described security flaw in the iPhone, the UK network operator 02 has said.

Experts revealed on Thursday that modified SMS messages could result in iPhones being disconnected from the network or hijacked altogether.

Phones incorporating the Windows Mobile and Google Android operating systems are also vulnerable, they said.

An O2 spokesperson said the patch would be available Saturday through iTunes.

"We will be communicating to customers both through the website and proactively," the spokesperson added.

"We always recommend our customers update their iPhone with the latest software and this is no different."

BBC NEWS | Technology | Apple to fix iPhone security flaw


And MMS too?

 

[Matt74]

I doubt there will be an MMS update-- MMS is not an Apple issue, it's a carrier issue.

I'm just wondering what form the patch will come in. Will they try to sneak in a BB update? Will it be an early 3.1? Or will it just be an SMS patch.

I won't be downloading the patch until details come out. While I do not run my JB 3GS unlocked, I want to preserve that option for possible future resale.

 

[Jedi]

It'll be 3.1 and I strongly urge not upgrading until the Dev Team or Purplera1n confirm it's jailbreakable and unlockable.

 

[supermanfos]

I read the same thing guys. Here is an article from MacRumers:

Apple to Release Fix for iPhone SMS Vulnerability on Saturday? - Mac Rumors

 

[Matt74]

It'll be 3.1 and I strongly urge not upgrading until the Dev Team or Purplera1n confirm it's jailbreakable and unlockable.

Do you have inside news, or are you just guessing?

 

[supermanfos]

Wondering the same here Matt74,

@Jedi do you know something we don't? Wouldn't beta users know if the final release was going to happen tomm or are they just calling the patch 3.1? Puzzling...

 

[Jedi]

Just guessing, but 3.1 has been on the cards for ages now. Maybe it'll be 3.0.1? I still reckon Apple will have closed the holes in the baseband that Purplera1n and Ultrasn0w use, hence advising jailbreakers use caution as usual before applying updates.

 

[sting7k]

MMS is in 3.0, it's up to the carriers to update their files to enbale it.

Any patch will come the same way they always do, an update via iTunes.

 

[Alli]

Let's see...update to whatever Apple offers to close the security risk, or leave your phone open to attack so that you can jailbreak at some point in the future. This is really an issue?

Security first.

 

[Ipheuria]

The first thing when I read that was once you apply the patch will it break the Jailbreak? Now for me personally I will not be doing the patch until it's possible to Jailbreak the phone if the patch undoes it. This is just me personally because I don't think out of so many Apple users my phone is really going to get taken over. I already changed my root password and if it was taken over I would just power it off. I don't keep any data on there that anyone could do useful things. This is just the case for me personally, I need to have my phone Jailbroken so it's not an option.

 

[Tramain]

The first thing when I read that was once you apply the patch will it break the Jailbreak? Now for me personally I will not be doing the patch until it's possible to Jailbreak the phone if the patch undoes it. This is just me personally because I don't think out of so many Apple users my phone is really going to get taken over. I already changed my root password and if it was taken over I would just power it off. I don't keep any data on there that anyone could do useful things. This is just the case for me personally, I need to have my phone Jailbroken so it's not an option.

If apple releases a patch it will break you jailbreak.

 

[Shangraham]

Let's see...update to whatever Apple offers to close the security risk, or leave your phone open to attack so that you can jailbreak at some point in the future. This is really an issue?

Security first.

I completely agree.

 

[sting7k]

Everyone gets all upset at these updates. But hasn't every update since 1.0 required the new version to be jailbroken again?

 

[supermanfos]

The patch has been released through iTunes:

Forget Waiting Until Saturday, iPhone OS 3.0.1 Now Available : App Advice

Forget waiting till Saturday, Apple is FAST!

 

[Ipheuria]

If apple releases a patch it will break you jailbreak.

Yeah that's what I figured I will either wait until there's a jailbreak for this update or just wait until 3.1 I'll be waiting to hear others reaction to the update though.

 

[Matt74]

The patch has been released through iTunes:

Forget Waiting Until Saturday, iPhone OS 3.0.1 Now Available : App Advice

Forget waiting till Saturday, Apple is FAST!

You call this fast? Apple was told about this exploit almost a month ago. It's pathetic they waited so long.

 

[traylorc]

You call this fast? Apple was told about this exploit almost a month ago. It's pathetic they waited so long.

Sorry Matt...I have a hard time getting upset that it took a whole month before a fix was developed.

To each their own I guess.

 

[big9erfan]

You call this fast? Apple was told about this exploit almost a month ago. It's pathetic they waited so long.

There was no reason to rush a patch when the hack hadn't even gone public. When the real news of the hack came to light through DeafCon it's really not that realistic. You need to receive 512 sms messages, and if the user deletes even one of those texts the hack attempt fails. I don't really see that as a super urgent omg need to fix now, exploit. They fixed it before the details were announced public, and that's all the "needed" to do. They probably could have announced they were going to address the issue, but I also don't blame them for playing it close to the vest.