backtop


Print 22 comment(s) - last by Jane999.. on Aug 12 at 11:56 PM

Security fix closes PDF vulnerability

Apple has just released the latest update for iOS 4.0.x (iPhone, iPod touch) and iOS 3.2.x (iPad). Previous versions of the mobile operating systems had a PDF vulnerability that was exploited by the iPhone Dev Team to jailbreak the devices.

The iPhone Dev Team was able to make an incredibly simple jailbreak (for the end user) that simply required users to visit the website JailbreakMe.com to jailbreak their devices. The jailbreak was followed up by a software unlock which allowed the iPhone 4 to be used on other GSM networks (in the case of U.S. customers, T-Mobile).

With this security update, that loophole is obviously closed, so the ball is back in the iPhone Dev Team's court to find another iOS security hole to expose.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

How about...
By drunkenmastermind on 8/11/2010 6:24:18 PM , Rating: 1
Fixing my fucking iPhone 3G that you have fucked with you stupid fucking iOS 4 update!!!




RE: How about...
By XSpeedracerX on 8/11/2010 6:58:31 PM , Rating: 5
There is a fix. Its called the "iPhone 4" patch. You go to AT&T, download $200 into their account and they give you a shiny paperweight that you can't call anyone on without wrapping it up in a phone condom first. Problem solved.

iOS4 is not intentionally slower to compel you to upgrade sooner - its just that it requires more hardware resources availible to a new iDevice, thus you should upgrade sooner. See? Apple works sooo hard for us...


RE: How about...
By drunkenmastermind on 8/11/2010 7:07:34 PM , Rating: 2
It's not slower it's inoperable! and like hell am I buying an iPhone 4. Oh and exactly what does it require more hardware to run? iPod? Camera? Contacts? Mail? SMS? even these basic functions are ruined.


RE: How about...
By chick0n on 8/11/2010 11:27:58 PM , Rating: 3
OS thats designed to run under 512MB of ram will suffer heavily under 128MB.

but hey, it just WORKS, slower, thats all.

No problem on iOS 3.x? awww. thats too bad. Apple is not making any money from you ... oh I mean Your phone is outdated !

suck it up and buy a new one.

Thats how Apple treat their customers. :)


RE: How about...
By chdude3 on 8/11/2010 7:32:54 PM , Rating: 4
This was a priority to fix the gaping PDF security hole - but I'm 100% with you here. Ever since I moved to iOS4 on my 3G, the phone and all functionality was next to useless. Pausing for 30 seconds at a time at random intervals, taking several seconds to register a button push, and typing was a nightmare.

It got so bad that I finally just downgraded to 3.1.3, and it's working like a charm again. I do miss not being able to group my Apps, and miss the Google Calendar syncing, but at least the damn thing is usable again.


RE: How about...
By drunkenmastermind on 8/11/2010 7:47:56 PM , Rating: 2
I have tried multiple times to downgrade without success, you got any pointers?


RE: How about...
By AMeetingWithTheBobs on 8/11/2010 8:11:08 PM , Rating: 2
CNET has a short video guide...perhaps that'll help.

http://cnettv.cnet.com/downgrade-your-iphone-3g-fr...


RE: How about...
By chdude3 on 8/11/2010 8:11:15 PM , Rating: 2
I just followed the guide at Lifehacker. Make sure you've updated to the latest iTunes (which I had initially not done, and was getting Error 21 almost immediately). Otherwise, follow the guide there and you should be fine.

BE WARNED that you can only restore from a pre-iOS4 backup. I did not lose anything of import in the month that I'd "upgraded" - no problem to me that some SMS history is gone, and my apps/photos/etc I just manually reloaded.

But it brought my phone back to life, back to usability, so it was well worth it in the end. I really hope they address this with the full 4.1 update, but I am going to wait for a while after it's out to make sure I hear from everyone that I can that there are no more issues with 3G phones.


RE: How about...
By MonkeyPaw on 8/11/2010 9:09:43 PM , Rating: 3
Yeah, I downgraded my 3G, too. If Apple isn't going to address the horrendous lag on every app and the random lockups/reboots, then they might as well remove iOS4 support for 3G and make the downgrade a fully supported option. I had to use the web as a guide and then redownload all my apps. More of a pain for me, but at least I was able to fix it myself.

I think the 3G's hardware might just be too limited to use iOS4 (slower CPU/GPU, half the RAM as even the 3GS). The only other option is that iOS4 isn't correctly disabling multi-tasking on the 3G.


RE: How about...
By drunkenmastermind on 8/11/2010 11:19:27 PM , Rating: 2
Cheers, sorted. It is great that they updated RecBoot. That was why I couldn't successfully complete the downgrade before.
Glad I can be back to using my iPhone 3G without an OS 4 lobotomy.


RE: How about...
By Suomynona on 8/12/2010 1:21:22 AM , Rating: 3
Forget fixing it. Toss that turd and get yourself an Android phone.


RE: How about...
By drunkenmastermind on 8/12/2010 8:44:13 AM , Rating: 2
There's only one Android phone available in Japan and I don't like it.


RE: How about...
By ctodd on 8/12/2010 11:46:07 AM , Rating: 2
Don't know if this will help you, but I improved my performance after the update by 50% by resetting the phone.

Settings->General->Reset->Reset All Settings

You will have re-enter passwords and stuff, but it defiantly improved my performance.


RE: How about...
By drunkenmastermind on 8/12/2010 7:46:32 PM , Rating: 2
Forget about it, there is nothing you can do except get that rubbish off the phone all together.


Does this...
By damianrobertjones on 8/12/2010 3:37:16 AM , Rating: 2
...patch remove the SIX services, MobileMe, Bonjour, instant in your face safari update added and other startup bits and bobs just to get a damn music file onto the ipud?

Thought not. Why do people put themselves through this farce?




jailbroken
By Jane999 on 8/12/2010 11:56:39 PM , Rating: 2
For my iPhone and iPad this adds up to almost 1GB. I think I'll wait until they're adding features instead of removing them before I update.
AS I jialbroken my iPad, and got many apps on it, like ipad video converter from ifunia and installed flash ( :) Install Flash on Your Jailbroken iPad: ifunia/news/install-flash-on-your-jailbroken-ipad/ ).
Hope DevTeam will do some thing....




Cat and Mouse
By Adonlude on 8/11/10, Rating: -1
RE: Cat and Mouse
By corduroygt on 8/11/2010 4:33:32 PM , Rating: 3
This was a security hole that could have been used for malicious attacks, not just jailbreaking, otherwise they'd have waited a couple more months before patching it.

They also have a contract with AT&T that prevents people from unlocking their phones even after they fulfill their contractual obligaitions. This is a case now in Antitrust court.


RE: Cat and Mouse
By corduroygt on 8/11/2010 4:33:33 PM , Rating: 2
This was a security hole that could have been used for malicious attacks, not just jailbreaking, otherwise they'd have waited a couple more months before patching it.

They also have a contract with AT&T that prevents people from unlocking their phones even after they fulfill their contractual obligaitions. This is a case now in Antitrust court.


RE: Cat and Mouse
By plewis00 on 8/11/2010 4:34:12 PM , Rating: 3
It's nothing about stopping a jailbreak (well not officially anyway), it's about a gaping hole when you visit any website with the flawed PDF allowing malicious code to execute.

The code could execute whether the device is jailbroken or not. This hole did need patching.


RE: Cat and Mouse
By Performance Fanboi on 8/11/2010 4:56:00 PM , Rating: 4
Apple usually takes forever to close blatant security holes - I have to wonder if it would have been patched if it hadn't allowed for such easy jailbreaking.


RE: Cat and Mouse
By HotdogIT on 8/11/2010 5:17:44 PM , Rating: 2
Not a chance. It wouldn't have gotten nearly the publicity. It might have gotten patched, but it would have merely been a note in the change log, and not a "DailyTech Headline".


"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki