In case you dont know the drill by now, the Dev-Team is is re-warning users not to update their iPhone software when Apple releases the 3.1 firmware.This week Apple will be all over the news with their announcements at Wednesday’s “Let’s Rock” event. But with so many new owners of the iPhone 3GS, and with so many new owners of the iPhone 3G (perhaps sold to them buy these new 3GS owners)…now is a good time to send out this general advisory.

If you update to Apple’s new software using the normal iTunes process, you will lose your ultrasn0w unlock. In fact you may lose it permanently, because for most people the baseband firmware cannot be reverted to a previous version (unlike the main application CPU firmware).
But don’t worry…our PwnageTool program let’s you update your main firmware without touching your baseband firmware, so you can still have the best of both worlds. But you must be diligent about saying “no” to your iTunes request this week to update your firmware.

Dev-Team: Do Not Update To iPhone Firmware 3.1 Yet is a post from: The Apple Bites

Via a simple SMS, the iPhone can be hacked, according to Cjarlie Miller. Miller is a well-known securityspecialist and author of the Mac Hacker’s Handbook. Via the SMS vulnerability you’ll get access to the root of the iPhone. The SMS leak will give the attacker the possiblity to activate certain code via an SMS-message sent to you, Miller mentioned on the SyScan exchange.

The code can for example, track the location of the phone, turn-on the microphone or totally block it. By sending several SMS-messages written in binary code, an entire program can be send. This program then can get access to the root of the iPhone, causing lots of trouble.

Such leaks in applications are not that bad, because the applications run in their own sandbox. Imagine such a sandbox as an island where all bridges to the shore are up and not accessible.

Apple’s working on a patch for the SMS vulnerability. That patch is expected to be ready at the end of this month. After the patch is released, Miller will describe further details about the leak on the Black Hat conference in Las Vegas.

There’s also a positive side to all this. Miller tells that the version of OS X for the iPhone is still safer than the entire OS X for desktops and laptops. That’s because applications like Java and Flash are not available on the iPhone OS.

Apple werkt aan een patch voor de SMS kwetsbaarheid. Deze verwachten ze aan het eind van deze maand klaar te hebben. Zodra deze patch uitgegeven is zal Miller verdere details over het lek beschrijven in een presentatie op de Black Hat-conferentie in Las Vegas.

“The iPhone is more secure than OS X, but SMS could be a critical vulnerability,” says Miller.

iPhone Hacked Via SMS is a post from: The Apple Bites

Tags:

• iPhone 4s hacked through sms