Apple Releases iPhone OS 3.0.1 to Close SMS-Based Security Hole

Posted by:
Date: Friday, July 31st, 2009, 10:29
Category: iPhone

3gs.jpg

Responding to a dangerous security exploit unveiled this week, Apple released an update to its iPhone operating system Thursday to patch the security hole.

iPhone OS has just become available for the iPhone, iPhone 3G and iPhone 3GS handsets. The update is between 230 and 300 megabytes and appears to exclusively fix the reported SMS exploit.

According to AppleInsider, security researcher Charlie Miller, co-author of The Mac Hacker’s Handbook, demonstrated the hack Thursday at the Black Hat 2009 conference in Las Vegas. The attack takes advantage of a vulnerability in the phone’s short messaging service, or SMS, feature, allowing an outside party into the phone’s root access without the owner’s knowledge.

The exploit takes advantage of the fact that SMS can send binary code to a phone which is then automatically processed without user interaction, and can be compiled from multiple messages, allowing larger programs to be sent to a phone. The exploit supposedly exposes the iPhone completely, allowing access to the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.

The technique involves sending only one unusual text character or else a series of “invisible” messages that confuse the phone and open the door to attack. Given that users won’t know which messages to block in advance, there’s little iPhone owners can do but to shut off the phone immediately if they suspect they’re at risk. Once exploited, the trick could also be used to make an iPhone send additional messages of its own, thereby spreading the problem.

To install the new iPhone OS firmware, simply connect your iPhone to your Mac or PC, open iTunes, select the iPhone in the device window and tell it to check for an update. The process will complete on its own.

If you’ve tried the new firmware, let us know what you make of it in the comments or forums.

Apple Updates Knowledge Base/Troubleshooting Articles for iPhone, Notebook Optical Drives

Posted by:
Date: Friday, July 31st, 2009, 05:20
Category: iPhone, News

applelogo_silver

If you’re in a pinch, the Apple Knowledge Base has generally been a useful place to go. Per MacFixIt, the company has just updated Knowledge Base articles for both its iPhone hardware as well as the slot-loading optical drives found on various Macs and notebooks.

For the iPhone hardware article, click here.

For help with slot-loading optical drives, click here.

Head on over, take a gander and let us know what you think.

Chinese iPhone Gains State Approval

Posted by:
Date: Friday, July 31st, 2009, 04:00
Category: iPhone

3gs.jpg

Over on the China State Regulatory Commission web site (basically the Chinese version of the FCC), the government has apparently approved a GSM/WCDMA cell phone complete with Bluetooth, an internal model number A1324 by Apple Inc. According to Engadget, the device was approved on May 7th, 2009 with the approval certificate set to expire in five years.

That being said, China Unicom should have plenty of time to capitalize on its reported three-year deal to offer the phone in mainland China.

And to sweeten the deal, an image of what may be the Chinese iPhone…

chinaiphone3g