Slashdot Mirror
Apple Says iPhone Jailbreaking Could Hurt Cell Towers
AHuxley writes "Apple suggests that the nation's cellphone networks could be open to 'potentially catastrophic' cyberattacks by iPhone-using hackers at home and abroad if iPhone owners are permitted to legally jailbreak their wireless devices. The Copyright Office is currently considering a request by the Electronic Frontier Foundation to legalize the widespread practice of jailbreaking. Apple has responded to the request by saying that if the 'baseband processor' software — which enables a connection to cell phone towers — is exposed, then a user could crash the tower software, or use the Exclusive Chip Identification number to make calls anonymously. Apple also thinks its closed business model is what made the iPhone a success. The Vodafone scandal from a few years back showed how a network could be compromised, but that was from within. So, what do you think? Is Apple playing the 'evil genius' hacker card or can 'anyone' with a smartphone and a genius friend pop a US cell tower?"
Those poor little cell phone towers. I'm glad somebody is thinking about them.
Faster! Faster! Faster would be better!
Even Microsoft isn't this stupid... yet anyway.
I've been avoiding Apple products due to their control issues, but this is just ridiculous.
Mod me down, my New Earth Global Warmingist friends!
Ya bad people won't look for flaws in the system if only Apple can keep people tied to their contracts. I'm having a hard time seeing the logic.
Apple has picked up one from the playbook of the Bush Administration.
We should ban the sale of iPhones with this potentially dangerous bug until Apple can fix it, either by providing unlocked iPhones, or without this being handled by the iHpone's locking mechanism.
This seems like the equivalent of saying 'If you are allowed to install software on your PC you might bring down your ISP's entire network."
Speak for yourself.
then only outlaws will own cracked iPhones!
Seriously - if you're going to do an illegal activity (hacking) anyway, then making another activity (jailbreaking) illegal isn't going to deter you.
If somebody's going to try to "pop" a cell tower they're certainly not going to care if step 1 of the process was legal or not.
Apple is just trying to bad monopolist and keep the cash rolling in. Next it would not have a lock on apps, hence anyone can load what they want as service (background) - so Skype or Google app can vut the phone use costs.
If a jailbroken iPhone can potentially crash a cell tower but a regular run-of-the-mill cell phone cannot, it really makes me wonder what cool toys they've hidden in the jesus phone that makes it so life-threateningly dangerous that it needs to be encased in a kryptonite shield.
If a person is going to commit a felony "cyberattacks", why the hell would they worry about the legality of jailbreaking? It's like armed bank robbers worrying that they're fully automatic rifle isn't legal.
I've got 101 mod points and you can't have them!
The Exclusive Chip Identifier? Aka the ECID?
That thing was added solely to make it harder to unlock the phone for other carriers!
For the last time, PIN Number and ATM Machine are redundancies!
Instead of locking the whole thing down, just lock down the baseband processor. That way people who want to run their own apps can do so without having to jailbreak anything, and the baseband processor won't have any attention given to it. But of course this would still be a problem with AT&T, who provides the connectivity.
If these towers could be brought down from a user who jailbroke his iPhone, then it would have happened already.
No hacker is going to say "Oh well I guess I can't bring down this series of towers, ATT/Apple said it's not legal. Darn..."
This is the lamest excuse I've heard yet...
The greatest revenge in life is massive success.
It would be like saying that allowing PC/Mac programmers to use the IP sockets API will let them crash their local router.
Give us a break Apple, you're coming across as more and more control freaks and foolish every week.
We all know the deal. If I wanted to compromise said cellular network, I could use the current published, freely, and openly available jailbreaking techniques. If they legalize jailbreaking of the phones, it is not going to legalize hacking cellphone towers, so the people that are going to do it are already trying. This is just a another preemptive strike by Apple. They are going to lose credibility, because too much press in a short ammount of time for a company can be just as bad as flying under the wire. I think it is time they slip back into the ether and keep quiet for a few weeks.
There are other smartphones on the market, you know. And the rest of them aren't limited to apple's draconian app store submission process.
Surely such a hacker could just use another smartphone platform? Seems like a last-ditch attempt to justify their control-freakery.
In order for the towers to be protected, there must be a *law* against jailbreaking (a practice that is currently perfectly feasible, just questionably legal). Will the law, sensing a helpless tower is in danger, jump off the page and stop the evil hacker from using his jailbroken phone to expose flaws in the upstream hardware/software, and save the day?
Even if this is true, legislation is clearly NOT the way to go here. Either they are giving away too many secrets just by having easily exploited hardware/software in consumers hands, or they are running woefully unprotected towers (or both). In any case, a law against it isn't going to do a whole lot except speed the prosecution of said 'evil hacker' who would already be breaking numerous laws anyway.
Apples isn't so much worried about hacking as it's a possibility with any smartphone. It's worried more about it's profit margin with exclusive contracts; this allows them to take a percentage of the contracts rather while undercutting the price of their devices. If they were to lose this exclusivity, they would either have to raise the price of their devices again or accept that their profit margins have been cut... and that is the real thing they are arguing against.
This is my sig. There are many like it but this one is mine.
Apple is partially right. Their closed business model has lead to the success of the iPhone. (Happy now?)
Seriously. The tight control on the user experience is what maintains the appeal of the device. For most people.
However, where they're wrong is in thinking that they need to prevent jailbreaking in order to maintain this. The people jailbreaking their phones aren't in the majority who bought the phone for the slick and stylish integration. They're a harmless minority, and Apple should be grateful for the extra revenue that a little bit of hacking has brought in.
Also, the part about being a risk to networks is nonsense.
Because it being illegal will stop those intent on using their phones for nefarious purposes FROM JAILBREAKING THEIR iPHONES? Sorta like how traffic laws will prevent robbers from double parking while pulling a bank heist (double parking the vehicle can speed the getaway!!).
The ability to make anonymous phone calls shouldn't be seen as such an evil.
If jailbroken iPhones can hurt cell towers, then it's already too late, because there are already jailbroken iPhones. So how does making jailbreaks illegal help this problem? It doesn't.
A thousand pounds of wood moving at 300 feet per minute. Don't get in the way.
Wow are they full of crap. Or the iphone is crappy designed.
I se a GSM open module every day....
http://www.sparkfun.com/commerce/product_info.php?products_id=478
I use this thing and I have full access to all it's parts except for the sourcecode to the phone/modem.
If the iphone does not have one of these phone chipsets in it like the other 99.9987% of the cellphones on the planet, then they made a really crappy phone.
Do not look at laser with remaining good eye.
ATT and the old bell system made the argument that phones they didn't make (and rent/lease to subscribers) would harm the network. It took the carterphone decision to make THAT lie go away
Apple doesn't learn. This very same strategy is what gave Microsoft such a big opening in the 80s. If Apple sticks to the closed system approach they will have higher price points in the short term, but long term will lose out to more open platforms like Android where the incentives for a more diverse network of partners will be greater. In the early 80s Apple outsold IBM and everybody else in PCs. They took their Apple II win and moved up-market with the Mac. Sure the technology and user experience were radically better than the competition, but they further closed down the platform to partners and end users. Pretty quickly the open platform, multi-vendor combination promoted by IBM, Microsoft, and Intel won the day - even though it didn't work as well.
Most properly engineered cellphones have TWO processors, one holds the GSM stack and radio control, and really, *REALLY* looks like an over-smart, over-engineered modem with standard "AT" commands.
The second processor is more powerful, and the entire UI goes there. It talks to the baseband GSM stack over stuff that looks like serial links. And it is this second processor that you are jailbreaking.
If Apple allows anyone to mess with the GSM stack, then they have screwed up, plain and simple. It also menas the iPhone is a piece of shit security-wise. Which wouldn't suprise me any, but still... I very MUCH doubt Apple has bought or written a GSM (or CDMA, UMTS, HSDPA, etc) stack, they probably licensed one (if not the entire cell radio module), so it should be running on its own processor alright... which BTW is usually an ARM5 core inside a GSM/UMTS/whatever SoC module.
In other words, Apple is probably lying, and there is *NO* risk to any cell network on jailbraking the main (GUI) processor.
But if using the expression in the wrong order is outlawed,
the expression will only be used in the wrong order by outlaws.
a few rouge iPhones
I thought they only came in black?
Is the problem with any cellphone that allows you to install your own software or are jail broken iPhones the only potential terrorist threat? This could be really dumb for Apple, you know equating their own product to anthrax and missing nukes. It certainly didn't work for BioTerror Coke.
Play the fear card whenever you want your political way...
and hahahahahaha!
Maybe if people put their jailbroken phones in trebuchets and fire them at cell towers...
They're not really playing to the ignorance of their base, as it's not their base that they're trying to convince. They're trying to convince the Copyright Office, which is almost as bad because they cannot be reasonably expected to understand the intricacies of cellular network technology. That burden lies with the network operators and the FCC. As for the question of whether jailbreaking is good policy from a copyright perspective, the Copyright Office shouldn't care much about potential network problems.
Now from a technical perspective: AT&T is a GSM/EDGE/UTMS network. If the iPhone is supposed to work on their network, it conforms to those international, well-vetted standards. (An part of those standards is the use of a SIM card specifically so a user can separate the handset from the network.) There shouldn't be anything that an iPhone can do on their network that any other cell modem couldn't do. TFA isn't coming up for me, so I'm not sure what Apple's specific claims are, but I have a hard time imagining that AT&T gave them some unique, magic software key to a very well-defined tower structure.
As always, they're playing upon the ignorance of their userbase. I give it, say, 35 minutes before someone here posts why Apple is full of balderdash for saying this. I give it 5 minutes before some iTard rushes to their defense.
Well, this is not exactly a technical explanation, but here we go... I live in Vietnam, where basically you can buy the latest and greatest of any brand (I own a HTC Touch HD), but the majority of cellphones are local brands (for example Bavapen) or clones of popular phones (mostly blackberries). I've just read a report on how they are done. Basically parts are imported from China, and assembled in mom & pop shops (Bavapen is a major brand, but you have dozens of smaller brands), loaded with whatever baseband processor software is available.
Now the thing is, it's incredibly easy to set up shop and assemble your own phones. This part of the market seems to be completely unregulated. And yet, in this 85+ million market I never heard anything about dangers to cell towers. We have basically 3 major and 5-6 minor carriers, 99,99% of all phones are not locked to any of these, and a good chunk of the phones are loaded with software from who knows what sources. I would assume that the situation is very similar in the rest of SE Asia and China.
Now I know this is not proof in itself, and I don't know for sure about the rest of Asia, but it is safe to assume that we have hundreds of millions of phones on the market with hundreds of different baseband processor software coming from shady sources, yet to my knowledge, there hasn't been in single attack on cell towers via software loaded on the phones themselves. And although this region is relatively stable, cyberattacks, just like elsewhere, are pretty common. I believe that if this could be done, it would have been done or tried already.
Your argument is irrelevant to the story. Also fairly uninformed:
I don't trust that the iPhone OS is secure enough to allow this.
The iPhone OS is a scaled-down OS X, built on a solid BSD foundation. If you're really going to argue this, then Apple should retain that same tight control over OS X apps, right? Because OS X can't be trusted to keep your Macbook secure?
And that assumes this is correct:
This QA that Apple provides is of great value.
Apple accepts and rejects apps pretty much arbitrarily -- and not just for security reasons. They reject apps that might compete with something they're doing, they reject apps that use an API in a way they don't like, they reject apps that just don't look pretty enough in the right ways. And if you re-submit your rejected app, maybe change a single line of code, there's a fair chance you'll get accepted.
The QA that apple provides is little better than random -- console manufacturers do a much better job, and even they occasionally let through some bug that will wipe a memory card. And even if it was useful, why would it be more useful for a phone than a laptop?
But let's pretend that is a relevant argument. In that case, how would opening up the platform harm you in any way? The App Store would still be the most popular way of distributing apps, and you could still choose to only trust Apple-vetted App Store apps. The fact that the rest of us could just download an app with the built-in Safari wouldn't make you any less secure.
Indeed, this is exactly how Android works. There's an official Android app store, but you're allowed to install apps through whatever channel you like. Other platforms (Windows Mobile) have been open for years (decades?) without significant problems -- to bring this back on topic, Win Mobile being open hasn't brought cell towers down.
Here's what I think: You've got an iPhone, and you're trying to justify it to yourself. Maybe you even have Stockholm Syndrome. But I can't see any sane argument why a manufacturer should prevent me from installing software "for my own good".
Don't thank God, thank a doctor!
The network argument was core to protecting the old Ma Bell (former/real AT&T) for many years. They used the same argument that unapproved equipment could damage the network. Now the new AT&T (and Apple) is trying the same argument about "danger" to infrastructure. Although there many have been some technical reasons for both arguments, it's really about profit.
I hope the software/hardware on the towers and switching systems is robust enough to handle rouge events. Even if there aren't jail broken phones, a motivated hacker (with some significant RF engineering background) could whip up a device that could crash the network. THe argument for closed devices is all about profit.
If Apple didn't have its hoop-jumping content-based approval process, and just approved apps based on technical safety, then there wouldn't be any need for people to hack their devices and consequently install unsecure, potentially dangerous software.
No kidding!!! What do you say at this point?
This is IDIOTIC. How can any reasonable person possibly buy this argument.
Anyone that wants to bring down a cell phone tower or cell network IS NOT GOING TO CARE whether or not it's LEGAL to screw with the cell radio baseband software. They are ALREADY attempting to do something much worse.
Let's be honest here, the "security" aspect of this argument is a smokescreen. It's blatantly all about the profit!
Furthermore, the cellular network should NOT be so fragile that a single rogue cell phone could take it down (AFAIK it is not). BUT if AT&T is truly insistent on making this argument, then I believe a full investigation by the FCC is mandated. The self-admitted fragile state of their network means that their stewardship of a public resource (radio spectrum) is being poorly managed and truly endangering national security.
If a single cell phone using hacked firmware can crash a cell tower, then the tower needs fixed.
This is nothing more than an attempt by Apple to retain control of and thus be able to profit more from their product to the detriment of their customers.
Question everything
Having worked with cell switches in the past, I have 2 words for Apple. BULL SHIT!!!
WinMo phones have been open to app developers for years, I don't see them crashing cell towers.
Similarly, people have been "cooking" custom OS image ROMs for WinMo phones for years, and I haven't heard of them crashing cell towers either.
So either the iPhone has no way of crashing cell towers if arbitrary applications are run on it, or it has a severely deficient hardware/software architecture compared to Windows Mobile in terms of security.
retrorocket.o not found, launch anyway?
Additional research by Apple Labs has shown that unlocked iPhones cause erectile dysfunction, global warming, birth defects, and leprosy. Protect yourself by purchasing a new, locked iPhone with a five year contract extension. It's the only way to be safe.
Some mornings it's hardly worth chewing through the restraints to get out of bed.
As other comments point out, the lock is in place on the lower level, because the baseband operations are separate from what jailbreaking gives you. The problems are inherent to the GSM spec, and are maintained thanks to backwards compatibility requirements. Anyone with a transmitter of the appropriate frequency and a computer can cause the same havoc to a GSM provider. By Apple's argument, open source phones like openmoko should be outlawed. A cellular network could be set up with measure to enforce that only approved phones and applications may run, and that is the approach of CDMA (Verizon Wireless).
This sounds a lot like the 40-year-old Carterfone decision, where AT&T argued that allowing people to connect third-party devices to their network could disrupt or degrade service. I'm pretty sure that modems and Panasonic phones didn't ruin the telephone system, and I have a feeling that jailbroken iPhones wouldn't be the end of the world, either.
--Bruce
There are 10 kinds of people in the world: those who understand binary, and those who don't.
Caveat: My understanding of "jailbreaking" is that this allows people to run applications not available in the app store. IE, applications that haven't been blessed by Apple. This is different from unlocking the phone, which allows you to change carriers.
Given that, what is the difference between an iPhone running arbitrary apps and any other smartphone doing the same thing? I'm trying to get my mind around this. Is Apple saying that the fact I could install some third party app on my Treo 750 back when I had it, or can on my Blackberry now, does *not* present a threat to cell towers, but installing a non-blessed 3rd party app on the iPhone does? If so, what makes the iPhone different?
Or is it that this is a danger with all smartphones, and Apple is trying to be responsible with the platform under their control? If so, why haven't we seen widespread reports of people crashing cell towers willy-nilly with some poisonous app running on a Curve?
By this notice, is Apple saying that they have done a thorough security analysis of each and every one of the 65,000 apps available on the app store, and is offering assurance that none of these apps have the ability, say some hidden easter egg, of bringing down a cell tower? Is Apple thereby assuming liability for any cell tower damage that might incur from an app available from the app store? Apple's statement "The technological protection measures were designed into the iPhone precisely to prevent these kinds of pernicious activities, and if granted, the jailbreaking exemption would open the door to them" seems to infer an assumption of liability for non-jailbroken phones. I wonder if Apple has thought through the legal ramifications of these statements.
And finally, is Apple saying that "a local or international hacker" intent on "initiat[ing] commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data" would be stopped in his nefarious (and extremely illegal) deeds by the (mild, in comparison) legal prohibition against jailbreaking the phone?
Is that what Apple is saying? I just want to be clear on this.
Or, could the real issue be that Apple has in their contract with AT&T (as RIM does also, unfortunately) that certain capabilities will not be available through the app store that could be used to side-step carrier fees? Is it possible that this is the real issue, and the security issue is a rather weak smoke screen? Mind you, if that really is the case, then fine. It's their product, they can assume any position they want. But have the intellectual honesty to cop to it.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Except AT&T and the iPhone are GSM not CDMA.
The original iPhone supports GSM, considered a 2G standard. The iPhone 3G supports GSM and a 3G standard called UMTS, which is designed to be used alongside GSM networks. UMTS uses a CDMA air interface.
You want to run software in the background?
Theres an app for.. Oh, wait.
Comment removed based on user account deletion
My 3Gs is not jailbroken or unlocked but I had to jailbreak and unlock my 3G before I sold it as it was sold to someone on the Rogers network and that phone was bought at Fido. I would rather not have to risk using untested and forensically unverified just to be able to use foreign sims in my 3GS and I'd be willing to pay a fee to Fido to be able to unlock the device.
Carriers should give consumers a break but giving a legal/official option for unlocking phones especially if we bought it unsubsidized.
Jesus was a compassionate social conservative who called individuals to sin no more.