Slashdot Mirror
iPhone, iPod Touch 1.1.1 Firmwares Jailbroken
vertigoCiel writes "Hackers Niacin and Dre have recently gained full read and write access to the filesystems of both the iPhone and the iPod Touch. The Jailbreak exploits a vulnerability in Safari's TIFF library to execute the necessary code when the specially crafted image is loaded. Access can then be permanently sustained by modifying the fstab file with iPhuc"
Wouldn't it be easier to buy an phone/mp3 player that isn't crippled?
Don't patch until there is a working hack for the new patch. And yes, a new hack will always surface.
What 'hint'? They are under legal obligation to maintain their firmware so that the phones can't be used on other networks for another 5 years. They are also under obligation to their customers to provide firmware for their phone that is as bug-free as possible. If the user can hack it, a malicious attacker can, too.
So are you saying that they shouldn't patch the vulnerabilities, that they shouldn't release new firmware at all, or that they should break their contract with AT&T which could make every iPhone out there useless overnight unless it is hacked?
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
> They are under legal obligation to maintain their firmware so that the phones can't be used on other networks for another 5 years.
In some countries the exact opposite is true!
Am I the only person here who reads that there is a vulnerability in the way iPhone handles TIFF files who immediately thinks that this is a massive security problem that needs to be addressed immediately? Sure, a handful of people will make use of this to open up their iPhone. Good for you. However, for everyone else, this is just a hole waiting to be exploited by someone posting a malicious TIFF onto a website or in an email and luring the iPhone users to view the TIFF causing havoc.
I don't know what their contract says with AT&T, but that might very well be on there. Something to the tune of 'only tested and approved applications'.
But even assuming it's not a contractual obligation, Apple announced they weren't going to allow third-party apps weeks before the first iPhone was sold. It wasn't a surprise and anyone who bought it with the intent of hacking it and putting their own apps on it did so at their own risk.
I've bought devices, used 'hacks' on them, and did other things with them. But I did so with each of them with the complete understanding of how much money I could lose if anything happened that I couldn't control. In fact, while I was soldering one, my father was in the other room saying comforting things like 'That's a $300 mistake.' Turns out, he was almost right on that one... I barely managed to fix it.
Anyone complaining about Apple updating their firmware has rocks in their head. It's what they do, it's what they said they'll do, and nobody ought to be surprised that they'll do it.
If you want an open phone, there are several on the market or very close to market that will work MUCH better and the companies will support you in creating the apps. There's no need to hack the iPhone and Apple has cheated no one.
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
So let me get this straight: if an image handling vulnerability is in IE or Firefox, it's deplorable, but if it's in an iPhone, it's the greatest thing ever?
If you cretins don't like the iPhone's contract terms, DON'T BUY ONE.
But you *would* be under legal obligation to *try*.
"Ignorance more frequently begets confidence than does knowledge"
- Charles Darwin
If you want an open phone, there are several on the market or very close to market that will work MUCH better and the companies will support you in creating the apps. There's no need to hack the iPhone and Apple has cheated no one.
My opinion on this is that it is unethical and should be illegal for ANY phone on the market to be restricted to a network, or restricted in available applications based solely on who gets paid. It's bad enough that companies have framed the software market so that products you "buy" aren't yours but licensed, they want the same paradigm with hardware too. It's bullshit, and it shouldn't be tolerated just because someone else sells uncrippled hardware.Samsung took back my unlocked bootloader because Google wants me to rent movies. They're both evil.
The terms of the contract, according to the Mac community, is that whenever there is something annoying with the phone -- bricking, restricted access of all sorts -- it's AT&T's fault. This also goes for the ipod touch, which features the exact same restrictions.
Anyone complaining about Apple updating their firmware has rocks in their head. It's what they do, it's what they said they'll do, and nobody ought to be surprised that they'll do it.
All true. Expecting Apple to support hacked models with new firmware is a bit silly. The iPhone updater completely re-flashes the iPod, and then re-adds the data from iTunes. So any update will at least wipe Apps, unless Apple does special work to preserve them.
But just as importantly, there's nothing saying you "have to" update the firmware. It's voluntary. Sure, you've got to if you want the bugfixes and new features, but that's hardly mandatory. Users can continue to use the 1.0.2 firmware for as long as they want to, or until there's some sort of iPhone virus out there.
Apple regularly bitch-slap their fanbase like 2-bit whores. And still they come crawling back for more, whispering "It's not them, it's me. Apple will change, if I just love them enough," through their split, swollen lips. It's sad, is what it is.
If you were blocking sigs, you wouldn't have to read this.
So why do you feel compelled to get a new one?
Personally, I'd give it another year before going iPhone and see what the second-gen ones are like (esp. with respect to 3G/HSPDA which may have been a defensible decision in the US but its a bit of a joke in the UK).
As other posters have said, if you're going for a new not-iPhone then T-Mobile do much better "unlimited" data deals.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
If their hack depends on a "specially-crafted" TIFF, then that's a bug, and Apple is under an obligation to close that hole. How would you like it if a "specially-crafted TIFF" was used to steal all your personal information?
Open the SDK, Apple. Allow the legal unlocking, and make it easy for people to write apps and then sell them for them on iTunes. Stop being jerks. You make money to the extent that you're not jerks.
But hacking is hacking, and I don't want any vulnerabilities on my iPhone, even if it's just "good guys" who are using them.
What's Apple's excuse for locking up the iPod Touch...?
With the iPhone it was apparently part of the contract they signed with AT&T, but with the iPod Touch, Apple has NO fucking excuse.