backtop


Print 40 comment(s) - last by HighWing.. on Oct 22 at 1:31 PM

Who says Apple Inc. doesn't have a heart?

Apple Inc. CEO, Steve Jobs posted a letter on Apple's website that left some happy and others scratching their heads. "Let me just say it: We want native third party applications on the iPhone, and we plan to have an SDK in developers’ hands in February," Jobs stated in the letter.

This announcement seems in stark contrast to previous Apple policy, including its firmware update v1.1.1, which turns iPhones and iPod Touches with unauthorized third party applications into "iBricks" and in standard phones locks the file system from users installing third party applications.  This update has led to two pending class action lawsuits.

Others may note that February seems like a long time away and wonder at why the SDK will take so long to be released.  Jobs said that the reason for the delay is to make sure the iPhone and iPod Touch are protected against malware and viruses.  The devices are far more vulnerable to virus than most people think according to Jobs.

"Since the iPhone is the most advanced phone ever, it will be a highly visible target," Jobs continued. He went on to say that the months of patience will be rewarded by He said that the months of patience will be rewarded by "Many years of great third party applications running on safe and reliable iPhones."

There are a broad array of third party programs for the iPhone and iPod Touch that do everything from instant messaging to phone unlocking.

Third party developers are greeting the news with guarded optimism.  One third party developer, based out of Denver said "I'm thrilled.  I hope it is exactly as they say, full third-party development."

Apple Inc., originally Apple Computer, has had a long history of trying to keep technology proprietary and avoid licensing its designs or allowing third party development.  Many see this as a major reason why it originally fell from dominance in the personal computer market to a small market share.

Apple made no indication, unfortunately for some, that it was going to make any effort to "unbrick" iPhones and iPod Touches that had unauthorized third party apps and had been made into paperweights by the v1.1.1 firmware update.  It did not announce any programs to unfreeze these phones or to provide warranty service for them.

Apple's position appears to be that until developers adopt the official SDK, which will arrive in February, using their applications violates the iPod Touch and iPhone warranties, as they see it as a form of "modification."

Apple has also not stated whether future version of the firmware will retract the change, or whether they will continue to brick iDevices with unauthorized third party applications.

Apple is remaining firm on its stance about unlocking: Unlock your iPhone and update, and you phone will be dead.  If you don't like it, they say, buy a new iPhone and don't unlock it.

Apple will begin selling unlocked iPhones -- but currently in France only, as French law mandates them to.

Despite some people's concerns, many feel this move is a step in the right direction by Apple and demonstrates a degree of learning from their past mistakes.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: End of Days
By omnicronx on 10/19/2007 10:11:15 AM , Rating: 4
Heh, funny.. Weird though how you don't hear about any Microsoft ppc phones being vulnerable to viruses. I've never heard of anyone having virus or security trouble with their WM5 or WM6 OS. Is the Iphone really that vulnerable?


RE: End of Days
By kelmon on 10/19/2007 10:19:47 AM , Rating: 3
I detect a degree of shit-stirring here but let's answer this by saying that if Apple is making security a priority then that can only be a good thing. I seriously doubt that the iPhone is vulnerable beyond being a highly visible target since so many people seem to love to hate it but it makes sense that they aren't taking chances.


RE: End of Days
By MrDiSante on 10/19/2007 11:32:42 PM , Rating: 2
I'm not sure that Apple is making security a priority. To me it seems more that Apple is making keeping a strangle-hold on the device a priority. Choosing which programs you can and can't run makes it harder to get free ring-tones, unlock and then iBrick your iPhone, and of course not pay for all those wonderful iApps.


RE: End of Days
By TomZ on 10/19/2007 10:32:46 AM , Rating: 3
quote:
Heh, funny.. Weird though how you don't hear about any Microsoft ppc phones being vulnerable to viruses. I've never heard of anyone having virus or security trouble with their WM5 or WM6 OS. Is the Iphone really that vulnerable?

I think maybe we misinterpreted what Jobs meant by "security." Probably he actually means making the iPhone more tamper-resistant to avoid hacks like those that unlock it. Because otherwise, I agree with you - I don't see why iPhone would be any more or less susceptable to attacks than any other smartphone.

But in any case, if they are truly going to "make it more secure" (in the normal sense of that phrase), then it can only be a good thing. So far they've only made a half-hearted attempt at security on the iPhone.


RE: End of Days
By GaryJohnson on 10/19/2007 12:00:23 PM , Rating: 2
There is malicious software that runs on windows mobile. It's not as prolific as it on windows desktop, but it is out there.

There are fewer points of entry for evil code though, no browser helper objects, no non-executable e-mail attachments that can run malicious code.


RE: End of Days
By omnicronx on 10/19/2007 12:04:30 PM , Rating: 2
you would have to essentially download a virus made specifically for ppc, and run it.. avoiding the 'do you want to run this unauthorized code' message ;)


RE: End of Days
By GaryJohnson on 10/19/2007 12:47:11 PM , Rating: 2
Yes exactly, but that does include malicious software disguised as something benign like freeware bust-a-move games or tip calculators. This is probably what you'd have to be concerned about with the iPhone as well.

There are other potential points of entry for bad code on windows mobile, like java midlets. I'm not sure exactly how malicious you can be with a midlet though.


RE: End of Days
By kelmon on 10/19/2007 1:15:16 PM , Rating: 2
Some people are going to hate this but I'm very much in favour of it. Rumor (yeah, OK...) has it that both Apple and Nokia are looking to provide central repositories of "blessed" applications that users can install from. The benefit of this is that all applications will have been vetted as being OK, both from a functional and security perspective. The downside of this is that developers won't be able to release applications that Apple doesn't like, either because they are bad applications or perhaps do something that is contrary to Apple's business model (definitely into iffy territory there). It very much depends on how heavy-handed Apple would be as to how well this would work, plus how quickly they can vet applications submitted to them before making them available to Joe Public. It remains to be seen whether this will happen (no doubt the arrival of the SDK will answer that) but there is a lot to be said for only downloading applications from a trusted source.


RE: End of Days
By TomZ on 10/19/2007 1:44:47 PM , Rating: 2
I think this is realistically the only way you can secure the platform - by having third-party apps certified in the way you describe.

That doesn't exclude, however, the possibility that Apple will allow non-certified apps to executed. In this case, the device might give some extra security warnings compared to certified apps.


RE: End of Days
By kelmon on 10/20/2007 6:08:40 AM , Rating: 2
I think that this is what is coming in Leopard and therefore probably already exists in the iPhone - digital signatures for applications. I guess the theory is that if you download an application that has been appropriately signed then you can feel safer about running it but if the application doesn't have such a signature (or a bad one) then it's a case of "buyer beware" and it's your own choice to take the risk or not.

I do wonder, however, what level of confidence can be assigned to a signed application. What will it take to get a signature and can they be spoofed? Again, I'm sure we'll be hearing much more about this towards the start of 2008.


RE: End of Days
By Ralph The Magician on 10/19/2007 9:28:06 PM , Rating: 2
quote:
Is the iPhone really that vulnerable?


Yes. Currently, everything on the iPhone runs as root. All 3rd party apps run as root. That is a HUGE security issue.

I suspect this may be one reason why it will take a while for an SDK. They will have to rewrite the iPhone OS in a way that allows for separate user profiles, and probably create a distinct user for 3rd party applications. I'd expect to see iPhone software update Version 2.0 before we see an SDK.


"Google fired a shot heard 'round the world, and now a second American company has answered the call to defend the rights of the Chinese people." -- Rep. Christopher H. Smith (R-N.J.)














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki