Think of all the great 3rd party apps these talented individuals could be writing instead of having to spend their time and efforts fighting Apple for the ability to do so. Thanks Apple.. I'm sure Apple will brick it again..
There's one thing that confuses me. Am I right in that these hacks all require taking advantage of an exploit? In other words... does that mean that we're on Apple's case for closing security holes that could be used to execute arbitrary code? I know that the 3rd parties writing these apps are doing it for the greater good, but couldn't someone use these same exploits for less honorable means?
I mean, if iPhones were having security problems we'd be bashing the hell out of Apple for leaving holes in the system.
I think I'm just confused. Can somebody tell me the diff between the good security holes and the bad ones?
I have a funny feeling that things will change when Leopard ships.
@halfeatenfish It's exactly what it looks like. Aside from clearing the Springboard plist, Apple redid the poor security from 1.0x thereby making it difficult for unauthorized 3rd party apps to get back in. A new security hole was discovered, and 3rd party apps are back. Theoretically, all the work used to hack native support again, could be used to hack the crap out of your phone, should you navigate to the wrong website.
You could find yourself with a new icon on your home screen, that you couldn't remove... automatically treating you to spyware and NSFW moments at its leisure... ON YOUR PHONE (I can see the YouTube spoof right now, cueue the music). I knocked Apple for the dialerbug problem (lets you fake the number the user okayed to call), and the WiFi flaw wasn't pretty either. Hopefully they get this one too. I'm going to hand it to these guys, but still wait for Apple's 3rd party solution. This isn't the way. I'm hitting the iPhone Tech Talk today here in Beantown.
@Cleverboy - I agree that ultimately nasty types could also use these exploits for nefarious deeds, which is why i think Apple should just relent and provide everyone with an honest-to-goodness SDK for mobile OSX.
...And if they don't, we can always update and wait for the pirate versions of those Apple-supported apps that are obviously on the gravy train to Cupertino ;)
Reader Comments (Page 1 of 1)
john @ Oct 8th 2007 10:31PM
Think of all the great 3rd party apps these talented individuals could be writing instead of having to spend their time and efforts fighting Apple for the ability to do so. Thanks Apple.. I'm sure Apple will brick it again..
imacmatt09 @ Oct 8th 2007 10:53PM
1.1.2 is going to be a Safari update that blocks TIFF images.
mushrooshi @ Oct 8th 2007 11:40PM
Is this the same john as in all the other posts?
John @ Oct 9th 2007 12:30AM
there are an awful lot of us who didn't think through choosing the name for our comments. Some of us are lowercase j (see above), some are uppercase (
halfeatenfish @ Oct 9th 2007 1:02AM
There's one thing that confuses me. Am I right in that these hacks all require taking advantage of an exploit? In other words... does that mean that we're on Apple's case for closing security holes that could be used to execute arbitrary code? I know that the 3rd parties writing these apps are doing it for the greater good, but couldn't someone use these same exploits for less honorable means?
I mean, if iPhones were having security problems we'd be bashing the hell out of Apple for leaving holes in the system.
I think I'm just confused. Can somebody tell me the diff between the good security holes and the bad ones?
I have a funny feeling that things will change when Leopard ships.
turn_self_off @ Oct 9th 2007 2:11AM
openmoko, nuff said...
Cleverboy @ Oct 9th 2007 3:44AM
@halfeatenfish
It's exactly what it looks like. Aside from clearing the Springboard plist, Apple redid the poor security from 1.0x thereby making it difficult for unauthorized 3rd party apps to get back in. A new security hole was discovered, and 3rd party apps are back. Theoretically, all the work used to hack native support again, could be used to hack the crap out of your phone, should you navigate to the wrong website.
You could find yourself with a new icon on your home screen, that you couldn't remove... automatically treating you to spyware and NSFW moments at its leisure... ON YOUR PHONE (I can see the YouTube spoof right now, cueue the music). I knocked Apple for the dialerbug problem (lets you fake the number the user okayed to call), and the WiFi flaw wasn't pretty either. Hopefully they get this one too. I'm going to hand it to these guys, but still wait for Apple's 3rd party solution. This isn't the way. I'm hitting the iPhone Tech Talk today here in Beantown.
Typhoid Mary @ Oct 9th 2007 10:29AM
@mushrooshi
Why not click on his name and see his profile and find out?
bugmat @ Oct 9th 2007 11:35AM
@Cleverboy - I agree that ultimately nasty types could also use these exploits for nefarious deeds, which is why i think Apple should just relent and provide everyone with an honest-to-goodness SDK for mobile OSX.
...And if they don't, we can always update and wait for the pirate versions of those Apple-supported apps that are obviously on the gravy train to Cupertino ;)