Robert Hensing's Blog

Software Security . . . and stuff.

Darth Apple and the iPhone?

Darth Apple and the iPhone?

  • Comments 1
  • Likes

Interesting blog from my friend Adam Shostack here: http://www.emergentchaos.com/archives/2007/10/apples_update_strategy_is_1.html

He takes a look at the Apple iPhone Security Update <--> Bricked Device issue.  Basically if you want 10 security updates for your iPhone - that address a variety of Safari vulns and probably remote code execution vulns in the Bluetooth stack - you have to apply this update.  But if you apply the update on a phone that's been modified (either software only or the hardware mods) you risk bricking your device.

I personally can't believe there hasn't been more public uproar over this.  I remember when it was reported that we were going to deny security updates to pirated copies of Windows (totally not true!  You can still download them via download.microsoft.com) and people lost their minds . . . well Apple is essentially denying security updates to people who've messed around with *legally* purchased iPhones.  Well I *think* they are legally purchased - I don't know if they've overloaded the term purchase to now include a clause about having to activate it with AT&T or something . . .

Anyhoo - in other, happier mobile news - today is apparently Zune2 launch day . . . the Zune folks have been extordinarily tight lipped internally and so far have done a great job keeping us employees in the dark - everything I know about the devices so far I've learned externally from Engadget or Zunescene. :)  But I'm sure as soon as I know official details - that I can share - I'll post them here.

Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment