PDA

View Full Version : 1.1.1 Jailbreak Complete, Security Ramifications




MacRumors
Oct 10, 2007, 09:21 AM
http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)

Engadget's Ryan Block has confirmed that a beta test of the latest jailbreak method (http://www.engadget.com/2007/10/10/iphone-and-ipod-touch-v1-1-1-full-jailbreak-tested-confirmed/) for the 1.1.1 firmware of the iPhone and iPod touch works.

The current method uses a vulnerability in 1.1.1's mobile Safari to gain root access to the device. Currently, this is the only method available to jailbreak an already upgraded iPhone or iPod Touch, as previous methods (http://www.macrumors.com/2007/10/08/preliminary-iphone-1-1-1-jailbreak-ringtones-soon/) relied on firmware 1.0.2 still being available.

While the developers are using the Safari vulnerability for somewhat benevolent purposes, it does raise a potential security issue for users. The vulnerability lies in mobile Safari's handling of TIFF images, where viewing a malformed TIFF image allows root access to the device.

While the jailbreak is now complete from all angles, it still does not mean that the methods are ready for adoption by general users. We will consider it ready when Installer.app (http://iphone.nullriver.com/beta/) (or equivalent) is updated for the latest firmware.


Ongoing iPhone coverage at macrumors.com/iPhone (http://www.macrumors.com/iphone/)

Article Link (http://www.macrumors.com/2007/10/10/1-1-1-jailbreak-complete-security-ramifications/)



shoelessone
Oct 10, 2007, 09:23 AM
Woot! Sort of. Well, I def. consider this good news :)


edit: does anybody know what this means for iPhone AT&Tless activation? I've been waiting to buy an iPhone until the thing can be activated without AT&T service....

lozanoj83
Oct 10, 2007, 09:26 AM
Applications here we come! :)

JonHimself
Oct 10, 2007, 09:26 AM
The problem is that this is easily "fixable" by Apple AND they can legitimately say it's for security purposes

fanbrain
Oct 10, 2007, 09:26 AM
I haven't installed jailbreak before, but I'm planning to once Installer.app is available. I can't wait.

matthewHUB
Oct 10, 2007, 09:27 AM
so much for OS X security.... :rolleyes:

I'd rather have a secure web browser and some decent Apple-approved applications, then install this.

dscottbuch
Oct 10, 2007, 09:28 AM
This will certainly be fixed in 1.1.2 and not to frustrate the iPhoneDevTeam but because its an actual security issues. Then what? Without the key to decrypt the frameworks then 1.1.2 will break all of the apps developed here, again, not because Apple wants to frustrate hacker but because they are continuing to change/develop the API.

longofest
Oct 10, 2007, 09:28 AM
so much for OS X security.... :rolleyes:

I'd rather have a secure web browser and some decent Apple-approved applications, then install this.

As much as some people don't like the iPhone Dev team and don't want to actually install the 3rd party apps they develop, you have to say this about them... they find Apple's bugs :)

mainstreetmark
Oct 10, 2007, 09:29 AM
Yep, this is certainly a very temporary situation. It would be impossible to imagine Apple won't close this hole, since it is a security issue.

If I had time, I'd explore how a malformed TIFF could gain you root access. Anybody have a 3 sentence summary?

Edit: Someone said "Apple Approved" applications. Why does Apple have to approve them? They don't for regular Mac applications, thank god. If all apps have to go through some certification scheme, we'll be limited to what we get. In the end, don't install shady apps from shady people (like always) and you'll be fine!

dvkid
Oct 10, 2007, 09:30 AM
This is all good and well, but now we KNOW Apple will fix this in their next update as it is a security vulnerability. In fact, now that it has been brought to light I wouldn't be suprised to see a security update in the next couple of days. Sure, you don't have to install it, but all new iPhones and Touches will already not be able to use this method.

Just seems to be like a whole lot of effort and time going into something that is becoming progressively easier to brick wall.

Yateball
Oct 10, 2007, 09:32 AM
I don't understand how people could install this, knowing full well that the next firmware update will make their device un-useable.

Correct me if I'm wrong but wont your iphones all "brick" once apple fixes this problem and releases the next firmware?

xelphy
Oct 10, 2007, 09:33 AM
I unlocked mine, and it is still 1.0.2 (as I fear that upgrading to 1.1.1 will brick it!) --

Is anyone else in this situation? I mean I love having it unlocked and with all the apps, but sure I'd like to have my cake and eat it too (unlocked/apps, AND 1.1.1)...

Thanks!

Greydog
Oct 10, 2007, 09:36 AM
I don't understand how people could install this, knowing full well that the next firmware update will make their device un-useable.

Correct me if I'm wrong but wont your iphones all "brick" once apple fixes this problem and releases the next firmware?

Because one would imagine that once you jailbreak it, you wouldn't be foolhardy enough to upgrade the firmware to 1.1.2 and re-lock it again.

longofest
Oct 10, 2007, 09:36 AM
I don't understand how people could install this, knowing full well that the next firmware update will make their device un-useable.

Correct me if I'm wrong but wont your iphones all "brick" once apple fixes this problem and releases the next firmware?

not necessarily... I had 3rd party applications installed on my iPhone before 1.1.1. I updated, and all that happened was Apple removed the applications.

The people who got "bricked" were people who used the 3rd party unlocks. unlocking is a subset of a jailbreak, if you will. Jailbreaking comes first... it allows developers of all sorts to write applications. Then, unlockers (those who want to unlock the phone to run on any network) write specific applications that will unlock the phone.

Some of those unlocking applications ended up bricking the iPhone when 1.1.1 was applied.

bdj21ya
Oct 10, 2007, 09:40 AM
From what NerveGas is saying on the dev channel, Niacin is not part of the dev team, and the dev team has their own jailbreak that does NOT rely on the tiff exploit. I'm planning on waiting for the dev team to come out with their solution, even though they aren't doing as good at getting the word out.

sblasl
Oct 10, 2007, 09:40 AM
You have have obviously made a decision to remain in the past. This appears to be be the only way to move forward and it is basically on a course of disaster if you so chose to embark on it. I certainly would not.

I unlocked mine, and it is still 1.0.2 (as I fear that upgrading to 1.1.1 will brick it!) --

Is anyone else in this situation? I mean I love having it unlocked and with all the apps, but sure I'd like to have my cake and eat it too (unlocked/apps, AND 1.1.1)...

Thanks!

bdj21ya
Oct 10, 2007, 09:43 AM
This will certainly be fixed in 1.1.2 and not to frustrate the iPhoneDevTeam but because its an actual security issues. Then what? Without the key to decrypt the frameworks then 1.1.2 will break all of the apps developed here, again, not because Apple wants to frustrate hacker but because they are continuing to change/develop the API.

So just to be clear, Niacin is not on the dev team, and the dev team does reportedly have their own jailbreak, not relying on the tiff exploit.

I hope that the News mods will research this and post an update to this article so we can all avoid confusion.

sblasl
Oct 10, 2007, 09:44 AM
Looks like there is trouble in paradise, First signs of a schism in the iPhone dev community:

http://www.tuaw.com/2007/10/10/first-signs-of-a-schism-in-the-iphone-dev-community/



From what NerveGas is saying on the dev channel, Niacin is not part of the dev team, and the dev team has their own jailbreak that does NOT rely on the tiff exploit. I'm planning on waiting for the dev team to come out with their solution, even though they aren't doing as good at getting the word out.

ASTRX
Oct 10, 2007, 09:48 AM
Yep, this is certainly a very temporary situation. It would be impossible to imagine Apple won't close this hole, since it is a security issue.

If I had time, I'd explore how a malformed TIFF could gain you root access. Anybody have a 3 sentence summary?

Edit: Someone said "Apple Approved" applications. Why does Apple have to approve them? They don't for regular Mac applications, thank god. If all apps have to go through some certification scheme, we'll be limited to what we get. In the end, don't install shady apps from shady people (like always) and you'll be fine!

I'm not a 100% on this, but basically, when safari loads the TIFF it places it in the memory heap. executable intructions are actually allowed to be run from the heap. This means that if the TIFF contains "malicious" code, and the hacker is able to direct the program execution to an address in the heap, the malicious code will be executed. So basically the problem for the hackers have been to redirect the program counter to an address in the heap, which was a bit tricky due to the return address beeing stored in a dedicated register.

Someone please correct me if I'm wrong.

appleisbetter
Oct 10, 2007, 09:49 AM
Is it just me, or is the whole point to and iPhone/Apple Product suppose to be simplicity. I am in Canada, the land of gay marriage and Weed. It is also the land of Rogers and therefore years behind the USA. I expect I will never live to see the day I can get an iPhone here with a fair monthly rate, and at a fair price. The dollar is at par and I want to get one in the USA and bring it up here, but I feel at the end of the day having an iPhone in Canada is more trouble than it is worth. Having an iPhone unlocked seems to be more of a headache than it is worth. I am ready to just give up on the iPhone in Canada, and smoke my pain away. :-(

plumbingandtech
Oct 10, 2007, 09:51 AM
The current method uses a vulnerability in 1.1.1's mobile Safari to gain root access to the device.

Let's all get the facts straight.

When 1.1.2 comes out and fixes this SECURITY HOLE.... apple is NOT being greedy or evil towards 3rd party apps.

Of course I expect few to remember this and complain, but we now see as I and others have said, apple fixes security holes to make the iphpne safer.

And as a result, many or most 3rd party hacks based on this security hole will fail.

Don't like this?

Don't hack your phone. Becase this is going to be an endless cycle for the time being.

Yateball
Oct 10, 2007, 09:52 AM
not necessarily... I had 3rd party applications installed on my iPhone before 1.1.1. I updated, and all that happened was Apple removed the applications.

The people who got "bricked" were people who used the 3rd party unlocks. unlocking is a subset of a jailbreak, if you will. Jailbreaking comes first... it allows developers of all sorts to write applications. Then, unlockers (those who want to unlock the phone to run on any network) write specific applications that will unlock the phone.

Some of those unlocking applications ended up bricking the iPhone when 1.1.1 was applied.

Very informative, I thought apple was "bricking" anyone with 3rd party.... anything.... on their iphone.

Thanks for the info

benpatient
Oct 10, 2007, 09:58 AM
So why are threads about running OS X on a PC closed down on this forum when open discussion of hacking is encouraged on the front page of mr.c on a regular basis? "but it's OK, cause it's the iphone and exempt from the rulz!"

Don't get me wrong, I think it is fine to discuss things like this. I just think it stinks that the moderators crack down on "inappropriate" content when someone is talking about violating a software license or getting around copy protection, etc, and then encouraging the exact same things with the iphone. This is MAC rumors, not iPHONE rumors. Maybe start a new site and put a big link at the top of mr.c pointing people towards iphonerumors.com if that's what they want, then relegate iphone conversations to a forum area inside the "Apple hardware" section of the forums list instead of on top of that section in its own section.

The iphone is cool. But I use OS X every day and I want to know about that, not about stupid pointless hacking of safari TIFF files on the iphone. It isn't like this hack will last.

/rant

DaBrain
Oct 10, 2007, 10:04 AM
The problem is that this is easily "fixable" by Apple AND they can legitimately say it's for security purposes

Yeah I agree! I don't get all the Hype on this! I can see it now. People install a bunch of Apps on their iPhone and iPod Touch and several weeks later Apple puts out an irresistable update and Wham all the crying begins again! It's like people are a glutton for self-punishment! A never ending cyle!

Until Apple puts out an SDK I for one would not want to play this game! Good Luck All! :rolleyes:

bdj21ya
Oct 10, 2007, 10:09 AM
So why are threads about running OS X on a PC closed down on this forum when open discussion of hacking is encouraged on the front page of mr.c on a regular basis? "but it's OK, cause it's the iphone and exempt from the rulz!"

Don't get me wrong, I think it is fine to discuss things like this. I just think it stinks that the moderators crack down on "inappropriate" content when someone is talking about violating a software license or getting around copy protection, etc, and then encouraging the exact same things with the iphone. This is MAC rumors, not iPHONE rumors. Maybe start a new site and put a big link at the top of mr.c pointing people towards iphonerumors.com if that's what they want, then relegate iphone conversations to a forum area inside the "Apple hardware" section of the forums list instead of on top of that section in its own section.

The iphone is cool. But I use OS X every day and I want to know about that, not about stupid pointless hacking of safari TIFF files on the iphone. It isn't like this hack will last.

/rant

I think the big difference is that Apple has locked people out of 3rd party development, creating a LOT of pressure to hack. In most cases hacking is only of interest to such a small group, but with the iphone it is becoming a mainstream concern.

Apple failed to lock the original phone very well, and so people got a taste of what the iPhone was really capable of. Now we're just all hoping to have the best of both worlds, Apple's updates, and the software from 3rd parties.

If you ask me, the big concern here is unlockers. While I sympathize, I kind of worry that they increase Apple's incentive to jail the iphone to keep their contract with AT&T.

Rhosfelt
Oct 10, 2007, 10:12 AM
it won't brick the iPt only the unlocked iPhones were hurt the iPt isn't unlocked so apple won't worry about bricking until they start selling their own apps.

I will be installing as soon as I hear enough people saying it is stable...or if I'm really bored when it first comes out.

vitaflo
Oct 10, 2007, 10:13 AM
Well, Apple must be pleased, they now have dozens of testers looking for security leaks for them for free.

Virgil-TB2
Oct 10, 2007, 10:15 AM
http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)

Engadget's Ryan Block has confirmed ...Personally, I am getting tired of the iPhone hacker stuff.

I am also tired of hearing the 1.1.1 "jailbreak" being announced over and over again. This is the 3rd time I have read an article about it, only to find out in the fine details that it's still "not quite." I mean what's the point of engadget saying it's "verified" if it notes in the same article that they don't have "reliable read and write" access, and "don't know what's going on" in that regard??? I kind of seriously doubt this hack will ever be ready, and that the hackers days are numbered.

The 1.0.2 stuff was all fascinating, but now in hindsight, we know that Apple basically left the door on the iPhone open on purpose so as to see how the hackers proceeded.

With 1.1.1 everything is encrypted, and if not for a well-known Safari vulnerability (Apple leaving the door open again?), the hackers would most likely not have even got close to a jailbreak again.

We can expect a 1.1.2 (or whatever) update in a matter of days or a couple of weeks at most, almost certainly closing the Safari loophole, but it seems likely to me that there won't even be a working hack at that time to break.

With all the OS-X'y (sexy?) goodness expected of Leopard and the assumed, associated iPhone update will anyone care that the hackers finally got into 1.1.1 a couple of days earlier? How likely is it that they will ever get into an OS environment where every single thing is encrypted and locked down with certificates?

I think the hackers are engaged not in a game of cat and mouse, but in a game of "let's believe we have a chance." Unless the hacker community has a working qbit computer up their collective bums, this doesn't sound like it will ever happen to me.

donlphi
Oct 10, 2007, 10:15 AM
And if you thought it was tough breaking into 1.1.1, wait until 1.1.2.

My iPhone hacking days are done unless somebody comes out with a way to view my slingbox. If I want to play Nintendo, I'll buy one on eBay for $100. I'm not going to brick my $500 iPhone over it. I don't want to hear about any lawsuits when you can't get your phone to turn on anymore. :rolleyes:

I predict a pretty sweet update come Leopard Day... whenever that officially is. Third Party Apps? Games? an App Developer? They'll only charge you $.99 to make your own apps.

Good luck though. :D

Rustus Maximus
Oct 10, 2007, 10:17 AM
Yeah I agree! I don't get all the Hype on this! I can see it now. People install a bunch of Apps on their iPhone and iPod Touch and several weeks later Apple puts out an irresistable update and Wham all the crying begins again! It's like people are a glutton for self-punishment! A never ending cyle!

Welcome to the age of entitlement and victimhood, please be sure to pick up your free copy of 'Who Can I Blame for Everything Wrong in My Life?' and its best selling sequel, 'Everyone Who Won't Let Me do What I Want to do is Evil!'

BiikeMike
Oct 10, 2007, 10:24 AM
I don't know why you all say this this hack will be useless. There Are plenty of people with iPhones that have not updated to 1.1.1, so those of us that have iPod touches, or iphones with 1.1.1 just won't update to 1.1.2.

Its that easy, see?

speakerwizard
Oct 10, 2007, 10:26 AM
basing this sort of hack on a vulnerability seems silly, now its in the open apple will do their best to patch the vulnerability as a vulnerability which will close that door on the jailbreak, and frankly im glad. as a user with no hacks, i want the security vulnerability patched.

kingtj
Oct 10, 2007, 10:28 AM
And what some people seem to be ignoring is that fact that until the iPhone was jailbroken and able to be accessed from a Terminal prompt using the latest firmware, developers were only guessing as to what changes lied beneath.

Apparently, firmware 1.1.1 changed around MANY of the system calls in the framework from what was in 1.0.x ... so most of the applications will need to be re-written to run under it again.

Saying "It's pointless to go through all this to hack into 1.1.1, when Apple will just come along and close up the holes in 1.1.2!" is incorrect. Being able to "have a good look around" inside 1.1.1 should open up more possibilities for how to approach getting into the next version of the firmware. It also lets developers get their applications updated so they'll run under the revision 1.1.x firmwares again.


I think the big difference is that Apple has locked people out of 3rd party development, creating a LOT of pressure to hack. In most cases hacking is only of interest to such a small group, but with the iphone it is becoming a mainstream concern.

Apple failed to lock the original phone very well, and so people got a taste of what the iPhone was really capable of. Now we're just all hoping to have the best of both worlds, Apple's updates, and the software from 3rd parties.

If you ask me, the big concern here is unlockers. While I sympathize, I kind of worry that they increase Apple's incentive to jail the iphone to keep their contract with AT&T.

guzhogi
Oct 10, 2007, 10:30 AM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

freediverdude
Oct 10, 2007, 10:36 AM
Oh great, so now what we're going to have is different iPhone application levels. We'll end up with one set of apps for the people who have firmware 1.0.x and didn't upgrade from there, another set of apps for people who upgraded to 1.1.1 but not to 1.1.2, and so on from there for each firmware version. And then somebody will be able to make a fortune off selling a book with tables telling people which apps they can get with which firmware.....this is going to get ridiculous.

Clive At Five
Oct 10, 2007, 10:43 AM
Okay, this is a good first step. Like people have said, though, Apple will patch this. Still, 1.1.1 is siezed. Can they now install decryption on it and find the appropriate keys? That would be my next step, although I don't know anything about hacking computer software :P

-Clive

Rustus Maximus
Oct 10, 2007, 10:52 AM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

You are correct Guz in that consumers should drive product features, and they usually do just as they will in this case. However, Apple and AT&T have an agreement at the moment, an agreement that made the iPhone a reality rather just another cool idea that Apple wanted to get out there.

Patience is a great virtue and Apple is not a stupid company, nor are they the 'New Microsoft' as some have insanely accused them of in the many threads on the illegal iPhone agreement violations. (start your, 'Rustus is a fanboy!' rants here kiddies). Apple will eventually open up the iPhone to legitimate 3rd party apps but they will do it in their time and their way because in the end it's their product and their reputation on the line.

Agree with them for what they are doing, hate them for what they are doing, they are a private company selling a product to you with your full knowledge of its limitations at the present.

So...choose...be happy with what they are offering which is good but not quite yet everything you want it to be...or go with another phone which you've already said isn't what you want either...or...wait.

Patience...is a virtue.

javaGuru
Oct 10, 2007, 10:53 AM
I would have to assume that Apple is also aware of this security issue and is probably working to fix it. Which means we should probably expect another iPhone update within the near future to patch this security hole.

Malakas07
Oct 10, 2007, 10:59 AM
I think the big difference is that Apple has locked people out of 3rd party development, creating a LOT of pressure to hack. In most cases hacking is only of interest to such a small group, but with the iphone it is becoming a mainstream concern.



I doubt this very much. The hacking community accounts for a very small percentage to the overall community.

I think there was overwhelming request for custom ringtones. But for customs applications the demand isn't that great.

I know several iPhone owners that don't know about the hacking that takes place. Alot of them including myself wouldn't even gamble with the very thought of giving $500 to Apple and still pay monthly for service that cannot be used.

Doctor Q
Oct 10, 2007, 11:01 AM
Apple should be ashamed of itself because (take your pick):They're going to quickly patch the Safari TIFF vulnerability, breaking users' ability to install applications.

They're not going to quickly patch the Safari TIFF vulnerability, leaving users susceptible to potential security problems.Shame on you, Apple! :rolleyes:

123
Oct 10, 2007, 11:04 AM
So...choose...be happy with what they are offering which is good but not quite yet everything you want it to be...or go with another phone which you've already said isn't what you want either...or...wait.

Or hack it and enjoy the phone you want.

Consultant
Oct 10, 2007, 11:04 AM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

Well, people should send feedback to apple at www.apple.com/feedback

kyrow123
Oct 10, 2007, 11:04 AM
You are correct Guz in that consumers should drive product features, and they usually do just as they will in this case. However, Apple and AT&T have an agreement at the moment, an agreement that made the iPhone a reality rather just another cool idea that Apple wanted to get out there.

Patience is a great virtue and Apple is not a stupid company, nor are they the 'New Microsoft' as some have insanely accused them of in the many threads on the illegal iPhone agreement violations. (start your, 'Rustus is a fanboy!' rants here kiddies). Apple will eventually open up the iPhone to legitimate 3rd party apps but they will do it in their time and their way because in the end it's their product and their reputation on the line.

Agree with them for what they are doing, hate them for what they are doing, they are a private company selling a product to you with your full knowledge of its limitations at the present.

So...choose...be happy with what they are offering which is good but not quite yet everything you want it to be...or go with another phone which you've already said isn't what you want either...or...wait.

Patience...is a virtue.

Exactly. Hacking the phone is great and all and keeps some people interested in the possibilites the iPhone has, but in reality, do you not just want a more safe phone, especially if you are getting emails and taking personal calls on it. I personally don't want someone to exploit a vulnerability in my phone and gain root access. I don't think that seems unreasonable at all. As for Apple purposely stopping the hacks, they probably do since it is their product and are a company that I would say enjoy making money, can we really fault them for that.

I truly believe that we, as consumers, should have the ability to influence those things business release, but we also have to understand that what I want may not always be what you want, and thats where the Business decides what is best for a majority of us.

Rustus Maximus
Oct 10, 2007, 11:05 AM
Or hack it and enjoy the phone you want.

<knock, knock>

Hello in there 123?

What color is the sky in your world?

grappler
Oct 10, 2007, 11:07 AM
I suppose one side effect of all these games with 1.1.1 could be improved security. With a lot of bright people hammering away in a race to break in, and posting about their experiences on the web, Apple can take note of exactly where the weaknesses are.

Then, assuming they release an SDK later, maybe they will have used all this free security testing to help lock down the areas of the phone that really should be secure to guard against malicious code.

A guy can hope...

Consultant
Oct 10, 2007, 11:08 AM
I doubt this very much. The hacking community accounts for a very small percentage to the overall community.

I think there was overwhelming request for custom ringtones. But for customs applications the demand isn't that great.

I know several iPhone owners that don't know about the hacking that takes place. Alot of them including myself wouldn't even gamble with the very thought of giving $500 to Apple and still pay monthly for service that cannot be used.

If you ever use custom apps on the iPhone, you won't be saying that. A number of very smart people have put in lots of effort to make the iPhone experience even better (such as putting IM client on it, which means free SMS messaging via AIM).

The hacks will work as long as you don't update the firmware! If it stops working, iPhones CAN BE RESTORED TO FACTORY DEFAULT via iTunes.

epicwelshman
Oct 10, 2007, 11:15 AM
Apple's gonna patch this up so fast.

Anyone think there's a slight possibility that Apple may try and purposefully and permanently damage unlocked iphones... would they become more aggressive?

plumbingandtech
Oct 10, 2007, 11:16 AM
A number of very smart people have put in lots of effort to make the iPhone experience even better

Correct.

And the number of people that installed 3rd party hacks and took the poll on one of the most popular mac web sites....

http://www.macpolls.com/?poll_id=560

4,851

Out of 1.X million iphones.

Unspeaked
Oct 10, 2007, 11:16 AM
This will certainly be fixed in 1.1.2 and not to frustrate the iPhoneDevTeam but because its an actual security issues. Then what? Without the key to decrypt the frameworks then 1.1.2 will break all of the apps developed here, again, not because Apple wants to frustrate hacker but because they are continuing to change/develop the API.

Isn't that the point?

Anything the DevTeam does will be broken by Apple's next update.

Any fix Apple makes will be cracked by the DevTeam.

And on and on and on and on...




4,851

Out of 1.X million iphones.

Please tell me you're not opening up *this* can of worms again....

MysterMac
Oct 10, 2007, 11:19 AM
Ive got 2 brand spanking untouched iphones, I believe both v1.02, which Ive been holding off jailbreaking/unlocking for some weeks now. Im in the UK and do not want an O2 contract. With Leopard just around the corner, Im wondering what to do - as when I upgrade (on the day its released) I will no longer have the necessary version of itunes installed (v7.4.1) (although I do have an old PC Id prefer to not have to PC sync)
Its 1 thing to not update the iphone, but to be unable to sync it or even upgrade my mac to leopard is another. :apple:

nickbates
Oct 10, 2007, 11:19 AM
Welcome to the age of entitlement and victimhood, please be sure to pick up your free copy of 'Who Can I Blame for Everything Wrong in My Life?' and its best selling sequel, 'Everyone Who Won't Let Me do What I Want to do is Evil!'

Best and most accurate (for these forums) quote ever!

parrotheadmjb
Oct 10, 2007, 11:19 AM
does installer.app run on windows xp

ChrisA
Oct 10, 2007, 11:22 AM
This means two things, I think

there is a error (bug) in the TIFF reader library some place and,
They are running safari as root.


Both of the above should be embarrassing to Apple. I think their software developers and QA testers are spread to thin. Neither of these things should be inside the iPhone. I'm sure Apple will fix at least #1 quickly.

If people want to write applications on a phone why not simply buy a pjone that is based on Open Source Linux? Buy one of these phones and it is as open as your own desktop computer.

plumbingandtech
Oct 10, 2007, 11:23 AM
Please tell me you're not opening up *this* can of worms again....

Which can? The one with 4,851 worms in it?

Consultant
Oct 10, 2007, 11:24 AM
Ive got 2 brand spanking untouched iphones, I believe both v1.02, which Ive been holding off jailbreaking/unlocking for some weeks now. Im in the UK and do not want an O2 contract. With Leopard just around the corner, Im wondering what to do - as when I upgrade (on the day its released) I will no longer have the necessary version of itunes installed (v7.4.1) (although I do have an old PC Id prefer to not have to PC sync)
Its 1 thing to not update the iphone, but to be unable to sync it or even upgrade my mac to leopard is another. :apple:

You can install Leopard in a new partition. Or transfer your existing OS X to a partition of an external drive using Disk Utility (make disk image and restore).

Consultant
Oct 10, 2007, 11:26 AM
Correct.

And the number of people that installed 3rd party hacks and took the poll on one of the most popular mac web sites....

http://www.macpolls.com/?poll_id=560

4,851

Out of 1.X million iphones.

Do you think all iPhone users use that web site? Only a small subsection of users knows about it. For the users who knows about it, a portion did not see the poll and the ones who see the poll can choose not to participate in the poll due to various reasons (i.e. they don't participate in polls).

Malakas07
Oct 10, 2007, 11:26 AM
Correct.

And the number of people that installed 3rd party hacks and took the poll on one of the most popular mac web sites....

http://www.macpolls.com/?poll_id=560

4,851

Out of 1.X million iphones.

Exactly. Very small percentage. There could be more and there could be less. But not enough for Apple to reconsider.

And trust me. I've hacked several of my previous phones to my own liking but Motorola, Nokia, Sony etc. never issued updates that threw a wrench into things. Apple will and will continue to do so. I'd really like to utilize a MMS client. But the way you have to go about it is not worth the hassle at this point of time.

robbyx
Oct 10, 2007, 11:28 AM
So, people are now going to use a security vulnerabilty to "jailbreak" their iPhones only a few weeks after Apple squashed the previous method for doing so? How long will it be before Apple plugs this hole? And your iPhone is an iBrick? Then you'll complain, threaten to sue, raise holy hell in the forums, etc.

I'm generally in favor of the user being able to do what he wishes with the product he has purchased. You paid for it. It's your choice. Apple has made it very clear that they don't want third party development happening for the iPhone (outside the Safari environment) right now. So while it's your choice to apply these hacks to the phone, I'm pretty sick of the whining that goes along with Apple firmware updates.

And now we have class-action lawsuits? It's absurd. No one is suing car companies over the inability to install Tetris on the built-in computer. Apple doesn't *owe* the user anything beyond what has been sold. Apple views the iPhone as a CE device, not a computer, and therefore doesn't want you messing around with it. So, stop whining when you screw something up and take responsibility for your own actions!

I love my iPhone and, quite frankly, haven't seen a single third party app that justifies "jailbreaking" my phone. Furthermore, since I know that Apple is never going to embrace the hackers who are hacking the phone or the hacked phones themselves, why jailbreak in the first place? The value added is marginal at best and you risk turning your phone into a $400 paperweight. Sorry, I just don't get it.

So please, if you apply these hacks and something goes wrong or Apple plugs the hack in the next firmware update, do us all a favor and stop whining about it!!! And no stupid lawsuits. There are enough of those already.

guzhogi
Oct 10, 2007, 11:30 AM
I doubt this very much. The hacking community accounts for a very small percentage to the overall community.


I wouldn't be surprised if a lot of people are doing it. Maybe not even 50%, but just remember there are more than 1,000,000 sold and 50% is still a lot of people.

Well, people should send feedback to apple at www.apple.com/feedback

Very true. I wonder if Apple really does anything w/ that. Just remember that actions speak louder than words. Maybe if enough people hack their phones, Apple will release a real SDK for native apps.

parrotheadmjb
Oct 10, 2007, 11:31 AM
does installer.app run on windows xp?

Unspeaked
Oct 10, 2007, 11:35 AM
Which can? The one with 4,851 worms in it?

So, you're claiming that because only 4,851 people said they hacked their iPhones on some random MacRumors poll, that's the total number of phones that have been hacked?

As I've explained to you in two other threads, this is not how polls work. But since you clearly can't grasp that, let me follow your logic and show how even if we take your approach, you're wrong.

You see, MacRumors has 114,394 registered users. That means that the 4,851 who said they hacked their phone represent just about 4.25% of total users.

But wait, not everyone on MacRumors has an iPhone. In fact, most people here don't, which is obvious from reading the forums. Still, I'd say 1 in 5 users (or 20%) is a very generous number, so let's go with that.

If 20% of MacRumors users have a phone (22,879 total) that means the number who admit to hacking their phone is actually 21%.

If we take that 21% and apply it to all iPhones sold, we have 200,000 hacked iPhones. Heck, even if we use the 4.25% number and assume EVERYONE on MacRumors has an iPhone, that's still over 40,000 hackers.

Congratulations, you just proved that there's even more iPhone hackers than I suspected! Brilliant!

robbyx
Oct 10, 2007, 11:39 AM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

The product is only a few months old for goodness sakes!!! Have some patience. Sheesh.

The iPod was out for years before Apple started embracing third party partners, apps, etc. And they did so (and continue to do so) in a measured, calculated way to ensure a quality user experience.

Give Apple a chance. The iPhone is a new product and they don't want you screwing around with it right now. You want IM? There are several web-based IM clients available now. Just as there are many other interesting third party apps that don't require violating your license agreement and voiding your warranty. Yeah, an NES emulator is really worth it. Give me a break.

robbyx
Oct 10, 2007, 11:42 AM
I wouldn't be surprised if a lot of people are doing it. Maybe not even 50%, but just remember there are more than 1,000,000 sold and 50% is still a lot of people.

This is CE device. The majority of people buying it have no interest in hacking it. They're too busy working or using their iPhones productively to hack it so they can run an NES emulator. Woohoo!

You're living in a fantasy land if you think 50% of iPhone customers are hacking their phones. Try .5%.

Very true. I wonder if Apple really does anything w/ that. Just remember that actions speak louder than words. Maybe if enough people hack their phones, Apple will release a real SDK for native apps.

Sounds like the kid who thinks that if he tantrums enough, his parents will give him what he wants. Utterly puerile logic.

Consultant
Oct 10, 2007, 11:42 AM
If you don't want to hack it, then get the latest firmware. Other people hacking their phone won't affect stability or security of YOUR phone.

If you do want to hack it, then you know the risks. No whining if you choose to install new firmware even if warnings are not to. And keep a copy of all the tools and iTunes image you use.

Unspeaked
Oct 10, 2007, 11:43 AM
The iPod was out for years before Apple started embracing third party partners, apps, etc. And they did so (and continue to do so) in a measured, calculated way to ensure a quality user experience.

The iPhone - especially the original - was never intended to function as much more than a music player with a few throwaway Apple apps (like Bricks and contacts) on it.

Anything that happened after the fact was a natural evolution of a the product.

The iPhone was specifically released to do several things - be a phone, a world class web navigator and a music player, and run Mac OS X for future application development.

They're two very different things.

Unspeaked
Oct 10, 2007, 11:47 AM
You're living in a fantasy land if you think 50% of iPhone customers are hacking their phones. Try .5%.

Not that I think the number is anywhere near 50%, it's certainly more than .5%, as we had that many people admit to hacking their iPhone in the aforementioned MacRumors poll, alone!

My realistic guess is 5 - 15%, probably closer to 10%. But I think it's a lot more than the low-ballers think, and a lot less than the high-ballers do...

EagerDragon
Oct 10, 2007, 11:49 AM
Not only are you using the vulnerability to unlock the iPhone, but the vulnerability is still present for someone else to install what ever else they want on your iPhone and you can not stop them.

This is common in the windows world, good sites get hacked and the hacker install malware to infect all users that visit the page. You maybe next.

Besides, Apple will patch this one in a few days, around the time that that they release Leopard. It will bring new functionality that most people will find it hard not to upgrade the iPhone.

I see more bricks for my brick wall.

robbyx
Oct 10, 2007, 11:49 AM
...and run Mac OS X for future application development.

They're two very different things.

Um, just because it runs a flavor of OS X doesn't mean that Apple intended it to be available for future application development. They never said this. In fact, they said quite the opposite. But the whiners, clearly, don't hear very well.

EagerDragon
Oct 10, 2007, 11:52 AM
I posted a lot of related posts stating most of what is stated in this article in the previous thread "
http://www.macrumors.com/css/im/titlebar_topright%20red.gif
Preliminary iPhone 1.1.1 'Jailbreak', Ringtones Soon? (http://www.macrumors.com/2007/10/08/preliminary-iphone-1-1-1-jailbreak-ringtones-soon/)

"

A little credit would not hurt.

vga4life
Oct 10, 2007, 11:55 AM
<knock, knock>

Hello in there 123?

What color is the sky in your world?

Why is it any of your business or concern what people do with the things they buy themselves?

I'd also like to point out (for the "OMG illegal hax" crowd) that Apple doesn't make you sign a contract when you buy an iPhone in a store. You hand over cash and you get a box - on planet Earth, we call that a sale. Additional terms imposed on the purchaser after the conclusion of the sale are essentially unenforceable. That's right, kids: most EULAs are unenforceable in non-UCITA states. Look it up.

EagerDragon
Oct 10, 2007, 11:56 AM
As much as some people don't like the iPhone Dev team and don't want to actually install the 3rd party apps they develop, you have to say this about them... they find Apple's bugs :)

Long term you are absolutly right,

I hope they are being responsible and reporting the bug details to Apple instead of showing the BlackHacks how to attack iPhone users.

I hope Apple develops a patch this week as users are exposed. But likely they will wait until Leopard is released.

Mulyahnto
Oct 10, 2007, 11:58 AM
This is CE device. The majority of people buying it have no interest in hacking it. They're too busy working or using their iPhones productively to hack it so they can run an NES emulator. Woohoo!

You're living in a fantasy land if you think 50% of iPhone customers are hacking their phones. Try .5%.

Yea, seriously...What's the rush to hack anyway?

Unspeaked
Oct 10, 2007, 11:58 AM
Um, just because it runs a flavor of OS X doesn't mean that Apple intended it to be available for future application development. They never said this. In fact, they said quite the opposite. But the whiners, clearly, don't hear very well.

Well, Steve Jobs said the reason the phone has OS X is because:

"It let us create desktop class applications and networking, not the crippled stuff you find on most phones. These are real desktop applications."

If that's not a statment that there would be future application development, I don't know what is. In any case, there's currently no desktop class applications on the iPhone, so I'm still waiting.

robbyx
Oct 10, 2007, 12:01 PM
Well, Steve Jobs said the reason the phone has OS X is because:

"It let us create desktop class applications and networking, not the crippled stuff you find on most phones. These are real desktop applications."

If that's not a statment that there would be future application development, I don't know what is. In any case, there's currently no desktop class applications on the iPhone, so I'm still waiting.

"It let US create...", as in Apple, not as in random hacker. Sure, down the road, Apple might release an SDK or start working with a handful of blessed developers. All possible. But that's pure speculation and has nothing to do with "jailbreaking" the phone.

Orge
Oct 10, 2007, 12:02 PM
Correct.

And the number of people that installed 3rd party hacks and took the poll on one of the most popular mac web sites....

http://www.macpolls.com/?poll_id=560

4,851

Out of 1.X million iphones.

Actually, if you look at the stats on that poll:
31% Installed Apps
29% Didn't install apps
40% Don't own an iphone

That would mean that 50% of the respondees, who had iphones, had installed 3rd party applications... It would be as unfair to extrapolate these stats up to the entire iphone user base (as macpolls readers may be biased), but your argument is bs.

Between the apptap/installer download stats and this survey, it's probably fair to suggest that 5-10% of iphone users may have used some 3rd party applications. That's a few more than "5000" users and quite a feat, when you consider the process involves hacking... You would have to be pretty blinkered to presume that the only people this appeals to are hackers and geeks.

J

guzhogi
Oct 10, 2007, 12:04 PM
This is CE device. The majority of people buying it have no interest in hacking it. They're too busy working or using their iPhones productively to hack it so they can run an NES emulator. Woohoo!

You're living in a fantasy land if you think 50% of iPhone customers are hacking their phones. Try .5%.

I didn't say it was 50%, just saying that if that even 1% is still a large number of people (about 10,000 for every 1,000,000). And don't forget the people who may not have hacked their phones, but wanted to. Just b/c people don't do something doesn't mean they don't WANT to.

Sounds like the kid who thinks that if he tantrums enough, his parents will give him what he wants. Utterly puerile logic.

What if throwing a tantrum actually works? In my experience, sometimes the only way to get things done is by throwing a tantrum. Many people today are just too apathetic to do anything. They may say that's too difficult, not worth the effort. That's BS, IMO. Sure somethings can't change, but people have got to try.

While I agree with those who say Apple shouldn't open up right away, they should still open up the iPhone & iPod Touch sometime.

Unspeaked
Oct 10, 2007, 12:05 PM
"It let US create...", as in Apple, not as in random hacker. Sure, down the road, Apple might release an SDK or start working with a handful of blessed developers. All possible. But that's pure speculation and has nothing to do with "jailbreaking" the phone.

Don't backtrack...

I never said anything about third party applications, I just pointed out that the iPhone was not the same as the iPod in that it was created with the intention of expansion.

You replied by saying by saying that just because it has OS X on it didn't mean there'd be any future application development.

I never made any qualifiers about third party apps, I was simply trying to say the iPhone is far from the static device the iPod originally was.

Unspeaked
Oct 10, 2007, 12:07 PM
Between the apptap/installer download stats and this survey, it's probably fair to suggest that 5-10% of iphone users may have used some 3rd party applications. That's a few more than "5000" users and quite a feat, when you consider the process involves hacking... You would have to be pretty blinkered to presume that the only people this appeals to are hackers and geeks.

You bring up excellent points, but I'm afraid those that don't want to see and hear will continue covering their eyes and ears.

edoates
Oct 10, 2007, 12:07 PM
Woot! Sort of. Well, I def. consider this good news :)


edit: does anybody know what this means for iPhone AT&Tless activation? I've been waiting to buy an iPhone until the thing can be activated without AT&T service....

You "good news" guys are nuts. This requires a security hole in Safari and we should not be applauding such flaws, rather clamoring for Apple to fix them; and they will asap. 1.1.2 can't be far away. And that security patch will be the good news.

to respond to your edit: if you don't want ATT, don't buy this phone. There are other non-Apple choices. Sprint/Nextel lost 300,000 subscribers last year or so according to Sprint news releases, and many went to ATT and Verizon. If iPhones didn't sell well due to the ATT connection, you can bet that the deal would be renegotiated. But when you buy one, even if you intend to unlock it, the Apple and ATT is reinforced and they think it is working.

Eddie O.

artalliance
Oct 10, 2007, 12:07 PM
Why is it any of your business or concern what people do with the things they buy themselves?


That's exactly the point - most of us DON'T CARE what you do with your phone.
Just don't come back and complain about the potential damages YOUR actions have created. Deal?

EagerDragon
Oct 10, 2007, 12:09 PM
Yep, this is certainly a very temporary situation. It would be impossible to imagine Apple won't close this hole, since it is a security issue.

If I had time, I'd explore how a malformed TIFF could gain you root access. Anybody have a 3 sentence summary?

Edit: Someone said "Apple Approved" applications. Why does Apple have to approve them? They don't for regular Mac applications, thank god. If all apps have to go through some certification scheme, we'll be limited to what we get. In the end, don't install shady apps from shady people (like always) and you'll be fine!

Yes, see my previous posts in "
http://www.macrumors.com/css/im/titlebar_topright%20red.gif
Preliminary iPhone 1.1.1 'Jailbreak', Ringtones Soon? (http://www.macrumors.com/2007/10/08/preliminary-iphone-1-1-1-jailbreak-ringtones-soon/)" thread.

The way most of these work is that they change the size or the repeat count specified in the data structure of the tiff file so it looks reasonable, then they change the actual size of the byte string to a huge number of characters. The code of the decoder only implements a small amount of data validation and copies the huge string into an area of memory that is much smaller (due to the lie on the size). This corrupts memory and sooner or later it blows. If they know exactly what is in that memory they can figure out where the return address is in the stack. By overwritting the stack so the return address from the routine call points to the malicious code that is part of the "TIFF file", they fool the system into executing the code. This is a very old technique.

How they get root???? Well Apple is running all the code as root, so taking over any application or process results in root access.

Also this could have been mitigated if they were marking some of the memory as non-executable. Some of the CPU (s) have this facility so if they overwrite a section of memory that is not executable, the hack will not work.

Not sure who their security guy is but I wish I had his phone number.

Random Ping
Oct 10, 2007, 12:09 PM
This means two things, I think

there is a error (bug) in the TIFF reader library some place and,
They are running safari as root.


Both of the above should be embarrassing to Apple.

The iPhone OS supports sandboxing (as will Leopard), which (in theory) should prevent a vulnerable application from being able to do very much. Jobs even highlighted Safari on the iPhone being sandboxed at one of the talks.

Maybe its not quite done yet.

robbyx
Oct 10, 2007, 12:11 PM
What if throwing a tantrum actually works? In my experience, sometimes the only way to get things done is by throwing a tantrum. Many people today are just too apathetic to do anything. They may say that's too difficult, not worth the effort. That's BS, IMO. Sure somethings can't change, but people have got to try.

Well, I don't think a tantrum ever gets you what you want. And it certainly never earns you respect.

The only way third party application development is EVER going to happen for the iPhone is if Apple releases an SDK. Otherwise, hack it all you want, but you constantly run the risk of Apple shutting you down. And I don't know about you, but I use/buy third party applications because they add value and I know they will work. I wouldn't bother with a third party app that I knew might one day (soon) be rendered inoperable by a system update. What's the point?

EagerDragon
Oct 10, 2007, 12:14 PM
Yep, this is certainly a very temporary situation. It would be impossible to imagine Apple won't close this hole, since it is a security issue.

If I had time, I'd explore how a malformed TIFF could gain you root access. Anybody have a 3 sentence summary?

Edit: Someone said "Apple Approved" applications. Why does Apple have to approve them? They don't for regular Mac applications, thank god. If all apps have to go through some certification scheme, we'll be limited to what we get. In the end, don't install shady apps from shady people (like always) and you'll be fine!

three things:
The iphone runs OSX but is not a MAC
The iPhone is not protecting memory appropriatly
The Iphone is running the applications as root

Any program can step all over all the data and other programs. That is why they need approval. iPhone is not the same as a Mac and is not as secured.

EagerDragon
Oct 10, 2007, 12:17 PM
I unlocked mine, and it is still 1.0.2 (as I fear that upgrading to 1.1.1 will brick it!) --

Is anyone else in this situation? I mean I love having it unlocked and with all the apps, but sure I'd like to have my cake and eat it too (unlocked/apps, AND 1.1.1)...

Thanks!

When Leopard comes out you are going to miss a lot of nice features by not upgrading the iPhone. Since you did unlock it, you risk a brick.

edoates
Oct 10, 2007, 12:17 PM
Yep, this is certainly a very temporary situation. It would be impossible to imagine Apple won't close this hole, since it is a security issue.

If I had time, I'd explore how a malformed TIFF could gain you root access. Anybody have a 3 sentence summary?

Edit: Someone said "Apple Approved" applications. Why does Apple have to approve them? They don't for regular Mac applications, thank god. If all apps have to go through some certification scheme, we'll be limited to what we get. In the end, don't install shady apps from shady people (like always) and you'll be fine!

Apple wants to "approve" applications, or at least put them in a secure container to avoid the nightmare that 3rd party applications are on the Palm phones. As far as I can tell, 100% of Palm 3rd party applications break something and/or make the phone unreliable.

Key to a good user experience on any cell phone is as close to 100% reliability as you can get. And anything which freezes or otherwise lowers that standard is perceived by users to be the manufacturers problem; no one seems to blame that cool game they just installed, or that Word document reader. Apple wants to avoid that issue by controlling what goes onto the phone.

If all the folks putting random 3rd party applications on the phone were sophisticated and understood who to blame when it all broke, Apple might ease up. But that is not the case. Folks will install all manner of junk and blame Apple when the phone fails to perform as expected. And as we've seen by the "unlock" hacks, if the 3rd party application messes with things too deeply, such things may actually make it difficult for Apple and/or the user to restore it back to its virgin state again. It's sort of like pernicious viruses on Windows: once they are there, some of them are exceedingly difficult to eradicate.

Eddie O

EagerDragon
Oct 10, 2007, 12:22 PM
Yeah I agree! I don't get all the Hype on this! I can see it now. People install a bunch of Apps on their iPhone and iPod Touch and several weeks later Apple puts out an irresistable update and Wham all the crying begins again! It's like people are a glutton for self-punishment! A never ending cyle!

Until Apple puts out an SDK I for one would not want to play this game! Good Luck All! :rolleyes:

And unfortunatly we have to hear their cries over and over again.

phillipjfry
Oct 10, 2007, 12:25 PM
Now that 1.1.1 is known to be jailbreakable and through a safari vulnerability at that, I wonder what kind of features 1.1.2 Apple will bring us to entice the 1.1.1 and 1.0.2's to upgrade?

I'm not a 100% on this, but basically, when safari loads the TIFF it places it in the memory heap. executable intructions are actually allowed to be run from the heap. This means that if the TIFF contains "malicious" code, and the hacker is able to direct the program execution to an address in the heap, the malicious code will be executed. So basically the problem for the hackers have been to redirect the program counter to an address in the heap, which was a bit tricky due to the return address beeing stored in a dedicated register.

Someone please correct me if I'm wrong.

Sounds complicated. So you must be right. :p

EagerDragon
Oct 10, 2007, 12:26 PM
Welcome to the age of entitlement and victimhood, please be sure to pick up your free copy of 'Who Can I Blame for Everything Wrong in My Life?' and its best selling sequel, 'Everyone Who Won't Let Me do What I Want to do is Evil!'

Expand on that, it looks great. More please.

psxndc
Oct 10, 2007, 12:30 PM
What I think is interesting is that this is bringing the firmware hacking communities more into the mainstream consciousness. The PSP has a HUGE custom firmware scene, but since PSP's marketshare is kinda low, few outside the PSP community know about it. Similarly, the xbox modding scene is pretty unknown to those that don't own Xboxes.

Here, tons of people seem to be installing jailbreak, etc. on a media darling device, thereby upping the general exposure of people hacking devices beyond their original application.

I wonder how public the back and forth between the dev team and Apple will become.

-p-

madmaxmedia
Oct 10, 2007, 12:30 PM
basing this sort of hack on a vulnerability seems silly, now its in the open apple will do their best to patch the vulnerability as a vulnerability which will close that door on the jailbreak, and frankly im glad. as a user with no hacks, i want the security vulnerability patched.

You statement is illogical, in that ANY sort of Jailbreak hack will be regarded as a vulnerability by Apple, and will be patched. Apple will likely always patch against jailbreak methods because jailbreaking aids in the unlocking process.

As a user with no hacks, this publicity means Apple is now aware of the vulnerability and will patch it sooner than later.

For users desiring to hack 1.1.1, they will soon be able to Jailbreak and later can decide whether to install future updates. Everybody wins.

EagerDragon
Oct 10, 2007, 12:33 PM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

Comsumers vote with their wallet, those that whine should have some cheeze.

If the iPhone is not what you want, send Apple a letter, even better, get all your friends to write to them also. Mean time you and your friends don't buy the iPhone.

Locked phones have been around the US for many years, why is not not illigal, unfair, etc, for other phones but for the iPhone is like they killed the family bacause you spit on the sidewalk.

It's a great phone, but lets be fair here.

madmaxmedia
Oct 10, 2007, 12:36 PM
Okay, this is a good first step. Like people have said, though, Apple will patch this. Still, 1.1.1 is siezed. Can they now install decryption on it and find the appropriate keys? That would be my next step, although I don't know anything about hacking computer software :P

-Clive

Well, they would probably just change the key, even if you could get it from the opened up 1.1.1 OS. As well as hide it in a different way in the update.

And from what I have read, for all practical purposes you cannot brute force the key (takes a billion years or whatever.)

There are a couple of positives even if Apple patches the OS-

1. All this talk about hacking and unlocking and bricking leads to negative PR for Apple (undeserved or not). Adding more Apple apps, or establishing a 3rd party development system, would significantly decrease the amount of effort to jailbreak future OS updates. Most users and developers would be content to go with the Apple-provided solution, even if it's not quite as open.

2. In order to get as much of the user base to update as possible, Apple will likely include little carrots (i.e. new features) with each update. I know they were planning to anyway, but hopefully this will accelerate the timetable.

EagerDragon
Oct 10, 2007, 12:39 PM
I would have to assume that Apple is also aware of this security issue and is probably working to fix it. Which means we should probably expect another iPhone update within the near future to patch this security hole.

Agree, but images have been the bane of many web browsers for years. Not a single browser performs proper data validation of images. I expect a few more hacks like this. It is costly (CPU and time) to perform a proper data validation of a complex file such as images. MS has the problem (over and over), Linux does, Apple does, and Netscape does, hell even Sun does.

Nobody I know does full and proper data validation of complex objects. The encryption was a good first step, now they have to turn on memory protection and stop running everything as root.

madmaxmedia
Oct 10, 2007, 12:39 PM
So...choose...be happy with what they are offering which is good but not quite yet everything you want it to be...or go with another phone which you've already said isn't what you want either...or...wait.

Patience...is a virtue.

I would amend that to say 'Buy it if you want, and hack it if you want, but accept that you are doing it on Apple's terms.' You know that future updates may tighten security or brick unlocked phones, so it's not Apple's fault if that happens.

No one's going to tell me what I 'should' or 'should not' do with my property (as long as it's not breaking any laws), but I accept the consequences of my actions.

Fast Shadow
Oct 10, 2007, 12:43 PM
Why is it any of your business or concern what people do with the things they buy themselves?

I'd also like to point out (for the "OMG illegal hax" crowd) that Apple doesn't make you sign a contract when you buy an iPhone in a store. You hand over cash and you get a box - on planet Earth, we call that a sale. Additional terms imposed on the purchaser after the conclusion of the sale are essentially unenforceable. That's right, kids: most EULAs are unenforceable in non-UCITA states. Look it up.

Please don't use facts and big words on the iBots, you'll overheat them.

farmboy
Oct 10, 2007, 12:43 PM
Actually, if you look at the stats on that poll:
31% Installed Apps
29% Didn't install apps
40% Don't own an iphone

That would mean that 50% of the respondees, who had iphones, had installed 3rd party applications... It would be as unfair to extrapolate these stats up to the entire iphone user base (as macpolls readers may be biased), but your argument is bs.

Between the apptap/installer download stats and this survey, it's probably fair to suggest that 5-10% of iphone users may have used some 3rd party applications. That's a few more than "5000" users and quite a feat, when you consider the process involves hacking... You would have to be pretty blinkered to presume that the only people this appeals to are hackers and geeks.
J

His argument is bs but your's, using pure guesses as to numbers, isn't? In one sentence you use "probably fair", "suggests", "may"; not exactly a definitive number. Plus you can't add numbers from different sources for a total, because you don't have any idea at all how many duplicate responses there are. In the only actual poll (methodology aside) "5000" is 0.05%--so yes it appears to only appeal to hackers and geeks AT THIS POINT, not mainstream users.

madmaxmedia
Oct 10, 2007, 12:47 PM
That's exactly the point - most of us DON'T CARE what you do with your phone.
Just don't come back and complain about the potential damages YOUR actions have created. Deal?

Why assume that everyone who wants to jailbreak their iPhone or Touch is going to whine about future Apple updates?

And Apple updates have not bricked any jailbroken iPhones (meaning capable of adding 3rd-party apps), they've only bricked unlocked iPhones. 2 totally separate topics, from both technical and business perspective.

EagerDragon
Oct 10, 2007, 12:49 PM
Ive got 2 brand spanking untouched iphones, I believe both v1.02, which Ive been holding off jailbreaking/unlocking for some weeks now. Im in the UK and do not want an O2 contract. With Leopard just around the corner, Im wondering what to do - as when I upgrade (on the day its released) I will no longer have the necessary version of itunes installed (v7.4.1) (although I do have an old PC Id prefer to not have to PC sync)
Its 1 thing to not update the iphone, but to be unable to sync it or even upgrade my mac to leopard is another. :apple:

Sell them, you can buy the new version later when it is officialy unlocked.

artalliance
Oct 10, 2007, 12:50 PM
Why assume that everyone who wants to jailbreak their iPhone or Touch is going to whine about future Apple updates?

And Apple updates have not bricked any jailbroken iPhones (meaning capable of adding 3rd-party apps), they've only bricked unlocked iPhones. 2 totally separate topics, from both technical and business perspective.

I am not talking about bricking, more about Apple reseting the phone with their update so all your third party apps are gone.
A lot of whining about that, don't you think.

I am not condemning it, just saying know your potential consequences.

madmaxmedia
Oct 10, 2007, 12:51 PM
+1

It would be nice if Apple doled out some sort of info about future features they would like to add. They have explicitly compared the iPhone to other smartphones, but only the iPhone is totally dependent on Apple for new features. I'm not complaining about that (it's Apple's decision), just saying it would probably benefit everyone if they doled out any info about future expansion. Instead, they're trying to treat it like iPod updates.

Again, they can do whatever they want. But given their positioning of the iPhone, I think it would behoove THEM (i.e. increase sales) to be more forthcoming about future plans for the iPhone with its capability for 'desktop class' applications.

Don't backtrack...

I never said anything about third party applications, I just pointed out that the iPhone was not the same as the iPod in that it was created with the intention of expansion.

You replied by saying by saying that just because it has OS X on it didn't mean there'd be any future application development.

I never made any qualifiers about third party apps, I was simply trying to say the iPhone is far from the static device the iPod originally was.

EagerDragon
Oct 10, 2007, 12:52 PM
So, people are now going to use a security vulnerabilty to "jailbreak" their iPhones only a few weeks after Apple squashed the previous method for doing so? How long will it be before Apple plugs this hole? And your iPhone is an iBrick? Then you'll complain, threaten to sue, raise holy hell in the forums, etc.

I'm generally in favor of the user being able to do what he wishes with the product he has purchased. You paid for it. It's your choice. Apple has made it very clear that they don't want third party development happening for the iPhone (outside the Safari environment) right now. So while it's your choice to apply these hacks to the phone, I'm pretty sick of the whining that goes along with Apple firmware updates.

And now we have class-action lawsuits? It's absurd. No one is suing car companies over the inability to install Tetris on the built-in computer. Apple doesn't *owe* the user anything beyond what has been sold. Apple views the iPhone as a CE device, not a computer, and therefore doesn't want you messing around with it. So, stop whining when you screw something up and take responsibility for your own actions!

I love my iPhone and, quite frankly, haven't seen a single third party app that justifies "jailbreaking" my phone. Furthermore, since I know that Apple is never going to embrace the hackers who are hacking the phone or the hacked phones themselves, why jailbreak in the first place? The value added is marginal at best and you risk turning your phone into a $400 paperweight. Sorry, I just don't get it.

So please, if you apply these hacks and something goes wrong or Apple plugs the hack in the next firmware update, do us all a favor and stop whining about it!!! And no stupid lawsuits. There are enough of those already.

their father never told them about the day they were dropped on their head.

hhpm25
Oct 10, 2007, 12:52 PM
and the baseband??

CADer
Oct 10, 2007, 12:54 PM
Woot! Sort of. Well, I def. consider this good news :)


edit: does anybody know what this means for iPhone AT&Tless activation? I've been waiting to buy an iPhone until the thing can be activated without AT&T service....

It is called and Ipod Touch!

madmaxmedia
Oct 10, 2007, 12:54 PM
I am not talking about bricking, more about Apple reseting the phone with their update so all your third party apps are gone.
A lot of whining about that, don't you think.

I am not condemning it, just saying know your potential consequences.

Yeah, I totally agree. Besides, jailbreaking is one step to unlocking, which Apple is likely contractually obligated to prevent. That's why it's relatively irrelevant how 1.1.1 is jailbroken, since Apple will likely patch it no matter what. All the attention on the TIFF exploit really mean a sooner patch than later for the hole, which is good for non-hacker users.

There's obviously a lot of melodrama on both sides, the actual truth and substance of the matter isn't all that difficult. ;)

guzhogi
Oct 10, 2007, 12:55 PM
Comsumers vote with their wallet, those that whine should have some cheeze.

If the iPhone is not what you want, send Apple a letter, even better, get all your friends to write to them also. Mean time you and your friends don't buy the iPhone.

Locked phones have been around the US for many years, why is not not illigal, unfair, etc, for other phones but for the iPhone is like they killed the family bacause you spit on the sidewalk.

It's a great phone, but lets be fair here.

Very true. We can debate how to do this until the end of time, but that'll just get boring. Maybe everyone on MacRumors can write letters. I don't know. :confused:

I'm glad to see that people are actually reading my posts and thinking about them. It makes me feel special. :rolleyes:

amcclay
Oct 10, 2007, 12:56 PM
Jay-sus Chrizz-ist on a bike!

All the sniveling nay-saying anti-hackers: Do you even KNOW how Jobs / Woz got their start? If it wasn't for them wanting to 'tinker' and "violate their EULA" or whatever, you probably wouldn't even HAVE an iPhone.

The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.

Now all of the sudden, people merely trying to use their iPhones in a more creative way are suddenly the devil.

All you control freaks that think this is about entitlement and not freedom would do well to remember what various amounts of 'tantrum' throwing has accomplished in the US throughout history. Every time, there was somebody like you calling them crybabies, etc. You're in good company.

This is not to compare hacking an iPhone to the civil rights movement or women's sufferage - but it IS to remind you to show some appreciation for those who like to explore.

Read the following carefully:

"Here's to the crazy ones.

The misfits.
The rebels.
The troublemakers.
The round pegs in the square holes.


The ones who see things differently.

They're not fond of rules.
And they have no respect for the status quo.

You can praise them, disagree with them, quote them,
disbelieve them, glorify or vilify them.

About the only thing you can't do is ignore them.
Because they change things.

They invent. They imagine. They heal.

They explore. They create. They inspire.
They push the human race forward.


Maybe they have to be crazy.

How else can you stare at an empty canvas and see a work of art?
Or sit in silence and hear a song that's never been written?
Or gaze at a red planet and see a laboratory on wheels?

We make tools for these kinds of people.


While some see them as the crazy ones,
we see genius.

Because the people who are crazy enough to think
they can change the world, are the ones who do."

madmaxmedia
Oct 10, 2007, 12:56 PM
The iPhone OS supports sandboxing (as will Leopard), which (in theory) should prevent a vulnerable application from being able to do very much. Jobs even highlighted Safari on the iPhone being sandboxed at one of the talks.

Maybe its not quite done yet.

i think it is sandboxed, but a buffer overflow is different- it's like finding out there is a hole in the sandbox...

madmaxmedia
Oct 10, 2007, 12:59 PM
As far as I can tell, 100% of Palm 3rd party applications break something and/or make the phone unreliable.

Is this actually your experience? Because it seems COMPLETELY off the mark. I've owned plenty of Palm but no Treo's.

It is true that 3rd party apps can make a device unreliable. But to say all Palm apps do? Nonsense.

matticus008
Oct 10, 2007, 01:04 PM
I think the big difference is that Apple has locked people out of 3rd party development, creating a LOT of pressure to hack.
The difference is that one is legal and one is not. Hacking the iPhone is consistent with your full use and enjoyment of the product, so long as you remain lawfully accessing the provider's network and so long as you do not infringe on anyone's property rights in doing so. You are not making illegal copies or violating an explicit agreement. Putting OS X on a PC is a clear violation of license terms to the software, just as putting the iPhone OS on a Nokia would be.
Why is it any of your business or concern what people do with the things they buy themselves?
Well I can't speak for whoever you're responding to, but when it involves a security exploit allowing arbitrary code execution, like this hack and the ones before it, my concern is that Apple patch it, and patch it promptly.

If the hackers want to find another vulnerability and buy a few more weeks, that's fine. But to expect Apple to leave this hole open (or to have expected them to leave the last one) is ludicrous. Perhaps the hackers should devote more resources into finding a better way to achieve their goals--one that doesn't pose a security problem and doesn't rely on firmware modification.
Apple doesn't make you sign a contract when you buy an iPhone in a store. You hand over cash and you get a box - on planet Earth, we call that a sale.
Actually, we call it a contract for sale and performance of K, and when the box contains terms, that's part of the sale, just as when the transaction includes associative licenses to other property. Course of trade requires those terms be upheld, and performance is assent of perfection, all terms inclusive. Buying the product is tantamount to signature at common law in all 50 states.
Additional terms imposed on the purchaser after the conclusion of the sale are essentially unenforceable. That's right, kids: most EULAs are unenforceable in non-UCITA states. Look it up.
Neither of these sentences are true. Look it up. The terms are attached prior to sale (see UCC 2-204 et seq.) and no court has ever ruled EULAs unenforceable. Some courts have ruled specific provisions invalid and thus refused to uphold those specific requirements. There's a world of difference between what you're saying and reality.

Rustus Maximus
Oct 10, 2007, 01:07 PM
Why is it any of your business or concern what people do with the things they buy themselves?

It isn't...and I am not (nor will I be nor should Apple be) concerned when people end up with a $600 '911' callbox. The 'developers' were free to choose what they did to their phones...just as Apple is free to break it.

I'd also like to point out (for the "OMG illegal hax" crowd) that Apple doesn't make you sign a contract when you buy an iPhone in a store. You hand over cash and you get a box - on planet Earth, we call that a sale. Additional terms imposed on the purchaser after the conclusion of the sale are essentially unenforceable. That's right, kids: most EULAs are unenforceable in non-UCITA states. Look it up.

Well...perhaps you don't sign a contract in the store...but at some point...somewhere in the twisted wilds of reality that some folks walk in...you will come across this unavoidable fact that is plainly visibly on Apple's iPhone webpage...

To use iPhone, you’ll need to sign up for a 2-year service agreement and nowhere does it say you have the ability to install and use 3rd party apps yet.

Scream about how it can't be enforced all you want. Curse the darkness.

go...pound...sand.

and...

Please don't use facts and big words on the iBots, you'll overheat them.

Congratulations on having the first 'fanboy' accusation! WOO!!

No one expects the FanBoy inquisition!!

EagerDragon
Oct 10, 2007, 01:09 PM
Well, Steve Jobs said the reason the phone has OS X is because:

"It let us create desktop class applications and networking, not the crippled stuff you find on most phones. These are real desktop applications."

If that's not a statment that there would be future application development, I don't know what is. In any case, there's currently no desktop class applications on the iPhone, so I'm still waiting.

Yes, but "US" means Apple.

robbyx
Oct 10, 2007, 01:11 PM
Yawn. Seriously. This is funny stuff.

30 years ago, the technology industry was just getting started. And yes, there was a lot of hacking. And were it not for the hacking, you're right, we probably wouldn't be here. Or we'd be somewhere else entirely. Who knows.

As for using the iPhone in a more "creative" way, I think you miss the point. I don't think anyone - including Apple - really cares if you hack your phone. What they care about is the hacker's expectation that future updates will work seamlessly with whatever hack has been installed. If you hack it, accept the consequences. That's what Woz and Jobs did back in the day. They didn't go around whining or suing when something didn't go their way.

I think it's quite funny how people try to liken hacking the iPhone to "freedom", etc. Give me a break. How many devices out there don't allow you to install whatever software you want? How many cell phones are locked (let's see...EVERY ONE sold by a US cell company)? Apple has every right to define the limits of approved use of a product it sells. You're welcome to push beyond those limits, but you can't expect ANYTHING from Apple if you do. Why is that so hard for people to understand?

Jay-sus Chrizz-ist on a bike!

All the sniveling nay-saying anti-hackers: Do you even KNOW how Jobs / Woz got their start? If it wasn't for them wanting to 'tinker' and "violate their EULA" or whatever, you probably wouldn't even HAVE an iPhone.

The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.

Now all of the sudden, people merely trying to use their iPhones in a more creative way are suddenly the devil.

All you control freaks that think this is about entitlement and not freedom would do well to remember what various amounts of 'tantrum' throwing has accomplished in the US throughout history. Every time, there was somebody like you calling them crybabies, etc. You're in good company.

This is not to compare hacking an iPhone to the civil rights movement or women's sufferage - but it IS to remind you to show some appreciation for those who like to explore.

Read the following carefully:

...

edoates
Oct 10, 2007, 01:12 PM
Is this actually your experience? Because it seems COMPLETELY off the mark. I've owned plenty of Palm but no Treo's.

It is true that 3rd party apps can make a device unreliable. But to say all Palm apps do? Nonsense.

I had a Palm 650. Basically, everytime I installed something (purchased or free), the phone became less reliable. Yeah, 100% is an exaggeration, but essentially, the Treo is a basket case for me. Interestingly, I had a much different experience with my old palm's and handsprings: they were endlessly reliable which is why I bought the Palm 650 in the first place.

With the Palm, I especially liked the 4 page software update procedure...backup, push and hold these buttons, run this utility, run another one, blah blah blah, and then it failed so I could start again. Sadly, Palm deserves their current business status: apparently just waiting to file for bankruptcy. They kind of started this part of the business. Sigh.

Eddie O

madmaxmedia
Oct 10, 2007, 01:13 PM
To use iPhone, you’ll need to sign up for a 2-year service agreement and nowhere does it say you have the ability to install and use 3rd party apps yet.

Scream about how it can't be enforced all you want. Curse the darkness.

go...pound...sand.


Why do you keep bringing this up, when the original topic of this thread is jailbreaking (enabling 3rd-party apps), and NOT SIM-unlocking?

EagerDragon
Oct 10, 2007, 01:17 PM
Very true. We can debate how to do this until the end of time, but that'll just get boring. Maybe everyone on MacRumors can write letters. I don't know. :confused:

I'm glad to see that people are actually reading my posts and thinking about them. It makes me feel special. :rolleyes:

I wrote mine congratulating them on the bricking of some of the iPhones.

madmaxmedia
Oct 10, 2007, 01:17 PM
I had a Palm 650. Basically, everytime I installed something (purchased or free), the phone became less reliable. Yeah, 100% is an exaggeration, but essentially, the Treo is a basket case for me. Interestingly, I had a much different experience with my old palm's and handsprings: they were endlessly reliable which is why I bought the Palm 650 in the first place.

With the Palm, I especially liked the 4 page software update procedure...backup, push and hold these buttons, run this utility, run another one, blah blah blah, and then it failed so I could start again. Sadly, Palm deserves their current business status: apparently just waiting to file for bankruptcy. They kind of started this part of the business. Sigh.

Eddie O

The Treo itself is unreliable by many counts, but I get what you're saying.

A further complication is that Palm has updated their creaky OS so many times that many 3rd-party apps don't work so well. I will add that the ones that don't work so well are typically those that go outside of the Palm SDK (so Palm can't ensure compatibility with.) Then those developers will complain that they had to do these things because of fault's with the OS...

At the end of the day, 3rd party apps is a strategic decision for Apple, not some sort of high and mighty moral issue. I do think having a controlled 3rd-party platform may be the best of both worlds, in terms of how Apple is positioning the iPhone (capabilities AND elegant user experience.)

I think it would behoove Apple to at least announce that such a platform is coming (if it indeed is in development), that alone would ease a lot of the hooplah over hacking to add 3rd-party apps.

psychofreak
Oct 10, 2007, 01:18 PM
Why do you keep bringing this up, when the original topic of this thread is jailbreaking (enabling 3rd-party apps), and NOT SIM-unlocking?

Jailbreaking lets you install Installer.app -> Install a SIM unlocker :)

Rustus Maximus
Oct 10, 2007, 01:19 PM
Jay-sus Chrizz-ist on a bike!

All the sniveling nay-saying anti-hackers: Do you even KNOW how Jobs / Woz got their start? If it wasn't for them wanting to 'tinker' and "violate their EULA" or whatever, you probably wouldn't even HAVE an iPhone.

The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.

Now all of the sudden, people merely trying to use their iPhones in a more creative way are suddenly the devil.

All you control freaks that think this is about entitlement and not freedom would do well to remember what various amounts of 'tantrum' throwing has accomplished in the US throughout history. Every time, there was somebody like you calling them crybabies, etc. You're in good company.

This is not to compare hacking an iPhone to the civil rights movement or women's sufferage - but it IS to remind you to show some appreciation for those who like to explore.

First of all if you're gonna go for it, go for the gold and just use Christ next time ;)

Second, I don't think you guys are the devil, you wanna hack your phones? you wanna find cool things you can do beyond Apple's 'approved' uses, by all means go for it. As someone stated earlier here I am glad they found the TIFF exploit...now it can be closed.

I can't speak for the other, how did you so eloquently put it, sniveling anti-hackers, but I am not telling you not to hack. Hack away brother...just don't cry or expect Apple to give you new phone when you crack yours. Don't be angry with Apple if they don't (or can't due to business agreements) allow 3rd party apps yet. 'Being in bed' with AT&T made the phone a reality...you can dislike it but odds are there'd be nothing to hack had he not done so or it would have been a while before we saw it.

madmaxmedia
Oct 10, 2007, 01:20 PM
Jailbreaking lets you install Installer.app -> Install a SIM unlocker :)

Yes, but a lot of people have jailbroken their phones just to add apps, not to unlock. And none of these phones were bricked by the update.

Rustus Maximus
Oct 10, 2007, 01:22 PM
Why do you keep bringing this up, when the original topic of this thread is jailbreaking (enabling 3rd-party apps), and NOT SIM-unlocking?

Yep, I edited my earlier post to add a comment about that Madmax...I guess it just all ties together in my mind as the effort to open up the iPhone is not soley about 3rd party apps but also who you can use it with, but I'll try to stick more to the apps discussion only.

EagerDragon
Oct 10, 2007, 01:23 PM
i think it is sandboxed, but a buffer overflow is different- it's like finding out there is a hole in the sandbox...

I never heard that, but I do know that if you run a standard Applet, in any browser it does run in a sandbox (most java versions). However if you are running a signed Applet or a Java application it runs outside the sandbox. However this only applies to Java which the iPhone does not currently supports.

For clarity some new versions of JVM use a security policy and not the original sandbox concept, for simplicity I called them both a sandbox.

Love to get a hold of the code being run in the iPhone to do a security code review, but Apple never sent me a copy.

madmaxmedia
Oct 10, 2007, 01:24 PM
It's possible that a 1.1.2 update will only patch the relevant parts of the OS (TIFF exploit), and not overwrite the entire OS from scratch. If so, it might not un-jailbreak our devices (similar to the first 2 iPhone updates.)

If this is the case, it might be possible to have the best of both worlds- use the TIFF exploit to jailbreak, then update to patch the hole.

madmaxmedia
Oct 10, 2007, 01:28 PM
I never heard that, but I do know that if you run a standard Applet, in any browser it does run in a sandbox (most java versions). However if you are running a signed Applet or a Java application it runs outside the sandbox. However this only applies to Java which the iPhone does not currently supports.

For clarity some new versions of JVM use a security policy and not the original sandbox concept, for simplicity I called them both a sandbox.

Love to get a hold of the code being run in the iPhone to do a security code review, but Apple never sent me a copy.

You're probably right, I'm not a programmer. ;) I wasn't thinking that the payload code delivered is still running in the sandbox.

EagerDragon
Oct 10, 2007, 01:30 PM
Love how some people here are smarter than Steve and the board of directors and can tell Apple exactly how to run their business.

Do you know where they are heading?
Do you know what products are in the pipeline?
Do you know how they plan to integrate them and make people want them?
Are you one of their desired customers or just someone they could not refuse selling to?

madmaxmedia
Oct 10, 2007, 01:31 PM
Yep, I edited my earlier post to add a comment about that Madmax...I guess it just all ties together in my mind as the effort to open up the iPhone is not soley about 3rd party apps but also who you can use it with, but I'll try to stick more to the apps discussion only.

Yeah. I mean the 2 are related in that achieving one helps the other, but they are different.

But because they are related, I can't see how Apple could act in any other way than they are now- patching against any jailbreak methods that are developed. And I say that as a Touch owner who wants to jailbreak and play around with my iPod, but obviously have no vested interest in iPhone SIM unlocking.

amcclay
Oct 10, 2007, 01:32 PM
I don't think anybody here is arguing against Apple's RIGHT to 'fix' things that may or may not be wrong with the iPhone. Nobody has a 'right' to have Apple accommodate their every need on the iPhone.

People who hack their iPhone's also have a responsibility to acknowledge the inherent danger of treading into an unregulated frontier of experimentation.

At the same time, it is reasonable that many people who have stuck by Apple through the highs, lows and highs again have some expectations about how they might behave toward their users. Indeed, there were some signals about Apple taking a 'neutral' stance on 3rd party apps etc.

Apple could very well have seen a serious vulnerability and potential for problems with the previous unencrypted file system and decided to fix it as a means of protecting the users. That is plausible.

What is NOT plausible is that Apple saw some reason to deny its users the ability to add their own ringtones on a device that has, as part of its main functionality, the ability to play any sound (mp3) that a user adds to it. This is one area, where it is fair and RIGHT to criticize apple's behavior. People have a right to A.) voice their complaints about it, and B.) find ways to circumvent such an unreasonable restriction on a device that they own.

You may disagree with this and that's fine - then don't write to Apple requesting this, and certainly don't try to get ringtones on your phone because they are not "apple approved". But what you shouldn't do is spend your time "whining" about others who wish to see the situation improve and are taking steps to remedy it in lieu of Apple doing it themselves.

Again, people expect more from Apple. And, I for one - after defending them through thick and thin feel it is proper to do so.

People jumping up and down angry at the iPhone hackers simply look like control freaks obsessed with what other people might be doing to their iPhones. I'll leave political leanings out of this except to say, that this smacks of various other desires of people to impose restrictions on others in an arbitrary way rather than "live and let live".

In short: If you don't like hacked iPhones, don't hack one.

EagerDragon
Oct 10, 2007, 01:36 PM
Any and all security related holes will be patched by Apple even if it does not result in unlocking or un-approved 3rd party apps.

They would be liable in court if they knew of a vulnerability and did nothing about it, which it resulted in people being affected.

Those lawsuits they will loose quick and their stock would decline.

Rustus Maximus
Oct 10, 2007, 02:01 PM
I don't think anybody here is arguing against Apple's RIGHT to 'fix' things that may or may not be wrong with the iPhone. Nobody has a 'right' to have Apple accommodate their every need on the iPhone. People who hack their iPhone's also have a responsibility to acknowledge the inherent danger of treading into an unregulated frontier of experimentation.

Hey we agree...but then I read on and get...

What is NOT plausible is that Apple saw some reason to deny its users the ability to add their own ringtones on a device that has, as part of its main functionality, the ability to play any sound (mp3) that a user adds to it. This is one area, where it is fair and RIGHT to criticize apple's behavior. People have a right to A.) voice their complaints about it, and B.) find ways to circumvent such an unreasonable restriction on a device that they own.

I don't think it's a question of plausibility as much as it is most likely the long smelly finger of the record companies again (whom Apple has to deal with a great deal if you recall their little iTunes store.) If you sniff you'll also catch a good whiff of capitalism in that Apple also sees a way to continue growing their revenue stream to a degree with the previously mentioned iTunes store.

Also, yes you have the right to complain and voice that towards Apple. However you do not have the right to break contractual agreements or meddle in the internal functions of the iPhone...you have the freedom to do so if you wish...just as Apple has the right AND the freedom to stop you or try to.

But what you shouldn't do is spend your time "whining" about others who wish to see the situation improve and are taking steps to remedy it in lieu of Apple doing it themselves.

Again, people expect more from Apple. And, I for one - after defending them through thick and thin feel it is proper to do so.

People jumping up and down angry at the iPhone hackers simply look like control freaks obsessed with what other people might be doing to their iPhones. In short: If you don't like hacked iPhones, don't hack one.

I don't care what you do to your iPhone. I stated it earlier, I for one am not angry or upset or whining or seeking to drive down into the fiery pits of utter damnation and burning control those who choose to hack their phones. In short: If you like hacked iPhones, hack one.

You stated earlier that..."Nobody has a 'right' to have Apple accommodate their every need on the iPhone."

Then you say here essentially that "unless they do it then we sure will!!". So, do it...live with the consequences when Apple cracks or otherwise inhibits your desire to do that since they are obviously not ready to allow it for whatever the reason. It isn't Apple's fault, they will open it up when and if they decide to.

I'll leave political leanings out of this except to say, that this smacks of various other desires of people to impose restrictions on others in an arbitrary way rather than "live and let live".

If you were gonna 'leave political leanings out of it' you wouldn't have mentioned it at all.

"Live and Let Live"...ie..."Let me do whatever I want to the iPhone....even if it breaks it then I have to call your tech support and increase your costs and overhead to support my own risky decision to 'fix' your obviously broken product and I will tell all my friends how Apple is the suxxorz because they won't open this thing up

matticus008
Oct 10, 2007, 02:06 PM
The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.
That's not irony; that's evolution. At some point the rebel must become the establishment--it's part of the natural order of things. If the rebels all stay rebels, they eventually lose anything to rebel against.

Hacking a phone doesn't even come close to changing the world...if anything, the idea that the iPhone and whether you can play Tetris on it is a substantive issue is what people should be rebelling against. Talk about self-obsessed consumerism run rampant.

BTW
Oct 10, 2007, 02:10 PM
so much for OS X security.... :rolleyes:

I'd rather have a secure web browser and some decent Apple-approved applications, then install this.


This is certainly a good trial-by-fire exercise for Apple. Hackers didn't seem to care too much about the OSX platform on the Macs, since it is a open development platform and they didn't have much to gain. Now the iPhone has spun that around. This will be good for all flavors (or flavours if you prefer) of OSX and Safari.

I'd bet the iPhone dev team has other exploit routes to go down and don't want to publish those unless they have to (a.k.a Apple patches 1.1.1). ;)

guzhogi
Oct 10, 2007, 02:10 PM
I think that people should be able to hack their phones if they want to, but at their own risk. Yet, after a few months (1.5 years at most), Apple should open the iPhone up to native 3rd party apps so people wouldn't need to hack their iPhones. Not just web based ones. I say after a few months b/c I want Apple to have time to get the iPhone firmware as stable as possible 1st.

With the iPhone, and any product/service for that matter, people shouldn't be content w/ just what's out there. People should let the companies know what they want and make them provide it. If not, we get stagnation & crappy products.

Virgil-TB2
Oct 10, 2007, 02:11 PM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? ....This is exactly what people are talking about though when they refer to the only problem being in the users exaggerated sense of entitlement.

This is you. :)

You are the one with the problem, because you seem to think that you have a right to have a phone with a feature-set that you are personally "happy" with. :confused:

This is not the way things work, nor have they ever. Whatever gave you the idea that the manufacturer is under an obligation to make a product that you are happy with?

Those "several posts" you are referring to above are absolutely right. The manufacturers make products, and you buy them if you like them, and don't buy them if you don't. That's just the way things are whether you are "happy" about it or not.

guzhogi
Oct 10, 2007, 02:12 PM
Love how some people here are smarter than Steve and the board of directors and can tell Apple exactly how to run their business.

Do you know where they are heading?
Do you know what products are in the pipeline?
Do you know how they plan to integrate them and make people want them?
Are you one of their desired customers or just someone they could not refuse selling to?

Maybe not smarter, but these companies are here to serve the consumer, not the other way around. Companies should do what their consumers want/need. People today are too concerned about getting $$$ and not enough about helping themselves & others.

guzhogi
Oct 10, 2007, 02:15 PM
This is exactly what people are talking about though when they refer to the only problem being in the users exaggerated sense of entitlement.

This is you. :)

You are the one with the problem, because you seem to think that you have a right to have a phone with a feature-set that you are personally "happy" with. :confused:

This is not the way things work, nor have they ever. Whatever gave you the idea that the manufacturer is under an obligation to make a product that you are happy with?

Those "several posts" you are referring to above are absolutely right. The manufacturers make products, and you buy them if you like them, and don't buy them if you don't. That's just the way things are whether you are "happy" about it or not.

True, but who says it has to stay that way? What if the colonial Americans were like that? If they were, there would be a USA. WHat we call Americans would all be English citizens right now.

longofest
Oct 10, 2007, 02:22 PM
I posted a lot of related posts stating most of what is stated in this article in the previous thread "
http://www.macrumors.com/css/im/titlebar_topright%20red.gif
Preliminary iPhone 1.1.1 'Jailbreak', Ringtones Soon? (http://www.macrumors.com/2007/10/08/preliminary-iphone-1-1-1-jailbreak-ringtones-soon/)

"

A little credit would not hurt.

We generally give credit to folks who use our submission form (http://www.macrumors.com/site.php?mode=submit)... You made some good points in that thread, but to be honest, I made the post without having read your comments. Use the submission link, and assuming 10 million people aren't submitting the same thing, you'll get the credit

ruckus
Oct 10, 2007, 02:28 PM
I remember reading other iPhone threads and there have been several posts that said that if you're not happy w/ the iPhone or how Apple handles it, get a different phone. That's a little BS b/c what if there's no phone out there you ARE happy with? I can understand these companies will want to do something a specific way, but it is we, the consumers, who should drive what features an item has, not necesarily the companies. Sure, some people want unrealistic things, but many things (like an NES emulator, IM app, etc.) are all very possible. So Apple & all companies should be more attentive to what people want and give them it.

Customers can make a change. But it works best by voting with your wallet. Me, for example, will not buy an iphone until it meets my requirements. Unfortunately, so man people bought one even though it didn't meet their requirements. A big way companies view how good their product is is by looking at the sales numbers.

If everyone who wanted 3rd party development on the iphone didn't buy one, I bet apple would be looking for a solution to this a lot closer.

Apple already got your sale, already got your 2 year contract. The consumers are voting, they are saying they don't care the phone is crippled, i'll take one anyway. For this reason, apple has no real drive to open up the iphone. I suspect they will someday, but apple is doing just fine w/o doing that.

I'm not the only one out there, but I vote with my wallet, and apple hasn't gotten my vote yet! (Although, i guess they did because I bought my fiance an iphone, because I know she doesn't really care about 3rd party apps :()

Unspeaked
Oct 10, 2007, 02:57 PM
I'm not the only one out there, but I vote with my wallet, and apple hasn't gotten my vote yet! (Although, i guess they did because I bought my fiance an iphone, because I know she doesn't really care about 3rd party apps :()

That is a hilarious closing line!

:)

xelphy
Oct 10, 2007, 03:06 PM
When Leopard comes out you are going to miss a lot of nice features by not upgrading the iPhone. Since you did unlock it, you risk a brick.

Right, well in that case is there anyway to re-lock it so that I can successfully update it?

PS: I'll also have to see these 'new features' to believe them:rolleyes:

emotion
Oct 10, 2007, 03:12 PM
I'm not the only one out there, but I vote with my wallet, and apple hasn't gotten my vote yet! (Although, i guess they did because I bought my fiance an iphone, because I know she doesn't really care about 3rd party apps :()

Hahahahaha. Good post!

If you felt that strongly that voting with your wallet is the way to change the iphone for the better then why didn't you just convince your fiance to wait instead of working on some people on a forum?

emotion
Oct 10, 2007, 03:23 PM
Right, well in that case is there anyway to re-lock it so that I can successfully update it?

Depends on who unlocked it and the method. I suspect there's some methods that do indeed cause damage. Hence Apple's warning.

However, I do think Apple can make a phone that has been played around with, and the phone side doesn't work anymore, work again.

ie. make, what most people are incorrectly callng a brick, into a non-brick.


PS: I'll also have to see these 'new features' to believe them:rolleyes:

I'd hate to miss out on syncing notes, todos and possibly even a2dp (which is in Leopard too).

In the future, what about when MMS and iChat appear? What about plugging serious security flaws? At what point do you jump? Are the 3rd party apps available now that good? (It's an honest question btw.)

marcrumors
Oct 10, 2007, 03:32 PM
Cant we all just get along?

Anti-hackers:
Dont like hacking? Dont do it. We've heard all the arguments why we shouldnt. Many people have told us all the reasons we're stupid for doing it. That's fine. Thats your opinion. But we're doing it or have already done it. And if we're excited about the news, we want to come to this thread and find out new info without having to sift through all your posts saying the same thing over and over.

Hackers:
Of which I am one. We like being able to do what we want with the product, whether its legal or not. We like the apps or another service provider. BUT we have to accept the responsibility for our actions. There were far too many warnings for anyone to have bricked their phone by updating to 1.1.1. And we have to accept that Apple wants to close it off. I dont agree with it, but thats how it is. We made a decision and we have to live with it without complaint.

But these threads are getting silly. Every thread has the same argument going on. I dont post much, because Im just here to get the news. But everything just degenerates into this empty rhetoric on both sides. I think we all get it. Some people like it, some people dont. Those that dont like it, can you not hijack threads to make the same arguments we all heard. Hackers, dont respond or complain. We know why we did it. We arent going to convince anyone else.

Thank you for your time.

emotion
Oct 10, 2007, 03:44 PM
Anti-hackers:
Dont like hacking? Dont do it. We've heard all the arguments why we shouldnt. Many people have told us all the reasons we're stupid for doing it. That's fine. Thats your opinion. But we're doing it or have already done it. And if we're excited about the news, we want to come to this thread and find out new info without having to sift through all your posts saying the same thing over and over.

Hackers:
Of which I am one. We like being able to do what we want with the product, whether its legal or not. We like the apps or another service provider. BUT we have to accept the responsibility for our actions. There were far too many warnings for anyone to have bricked their phone by updating to 1.1.1. And we have to accept that Apple wants to close it off. I dont agree with it, but thats how it is. We made a decision and we have to live with it without complaint.

Well said.

I think the frustration here is Apple's strategy. Both sides must be feeling that. Apple have handled this badly.

guzhogi
Oct 10, 2007, 03:56 PM
Customers can make a change. But it works best by voting with your wallet. Me, for example, will not buy an iphone until it meets my requirements. Unfortunately, so man people bought one even though it didn't meet their requirements. A big way companies view how good their product is is by looking at the sales numbers.

If everyone who wanted 3rd party development on the iphone didn't buy one, I bet apple would be looking for a solution to this a lot closer.

Apple already got your sale, already got your 2 year contract. The consumers are voting, they are saying they don't care the phone is crippled, i'll take one anyway. For this reason, apple has no real drive to open up the iphone. I suspect they will someday, but apple is doing just fine w/o doing that.

I'm not the only one out there, but I vote with my wallet, and apple hasn't gotten my vote yet! (Although, i guess they did because I bought my fiance an iphone, because I know she doesn't really care about 3rd party apps :()

Very true. Only thing w/ that is what about the people who need a phone and everything else is total & utter cr@p? Sometimes, just holding off and not getting one is not an answer. Plus, people shouldn't just settle for the least of all evils, especially when the best option is still total cr@p.

EagerDragon
Oct 10, 2007, 04:01 PM
Maybe not smarter, but these companies are here to serve the consumer, not the other way around. Companies should do what their consumers want/need. People today are too concerned about getting $$$ and not enough about helping themselves & others.

Sorry, but that is an idialistic view.

They are here to make money for the shareholders. That is their function in life. If that means making customers happy most of the times, then more gravy. But sometimes that also means that a failrly small group will be unhappy. Most companies would kill for having a 80 to 90 customer approval. Apple does better than that.

Money first, that is what the shareholders want and they are the ones that approve/disapprove the board of directors for the company and as such the direction the company takes.

BTW Apple is an american company not a socialistic state, money is the bottom line. If the shareholders don't like the return, Steve and others need to find a new job.

ruckus
Oct 10, 2007, 04:12 PM
Hahahahaha. Good post!

If you felt that strongly that voting with your wallet is the way to change the iphone for the better then why didn't you just convince your fiance to wait instead of working on some people on a forum?

I have become my own worst enemy! haha...truthfully, she didn't want an iphone, i had to convince her she wanted it. (long story, her phone was run over by a car, she wanted the same phone, but if I'm going to spend $350 blah blah)

But I do suspect my gripes with the phone will be resolved, and it is a pretty cool toy nonetheless. I just wanted to play with it sometimes while still "not voting with my wallet". But, I wallow in my hypocrisy.

...and I look at it this way: I get two votes, I only voted once. The next I'm reserving!;)

goosnarrggh
Oct 10, 2007, 04:35 PM
The difference is that one is legal and one is not. Hacking the iPhone is consistent with your full use and enjoyment of the product, so long as you remain lawfully accessing the provider's network and so long as you do not infringe on anyone's property rights in doing so. You are not making illegal copies or violating an explicit agreement. Putting OS X on a PC is a clear violation of license terms to the software, just as putting the iPhone OS on a Nokia would be.

Matticus, in my interpretaton, you've got it exactly backwards.

People who "hack" their iPhone willy nilly with the open-ended intent of installing any arbitrary 3rd party application are in material breach of Apple's EULA. As such, Apple, if it so chose, could sue all such people with copyright infringement, and would have a fair chance of winning.

People whose sole intent in jailbreaking their iPhone was to install a piece of SIM-unlock software, are arguably NOT in violation of the EULA. It is the the language of the EULA itself, in light of the DMCA exemption, that leads me to that conclusion. I've explained my reasoning previously in other threads, so I really don't want to get into it again if you don't mind.

If those SIM-unlocked people have already activated a service agreement with AT&T, then they are still contractually required to pay the early termination fee or else they'll still be on the hook for paying the prescribed monthly service fees, regardless of whether they go on to use it or not. But that's an issue that's up to AT&T to pursue.

If those SIM-unlocked people never activated their phones on the AT&T network in the first place, then they have not entered into a contract with AT&T, so AT&T has no standing in the matter. Only Apple's software EULA is applicable, and again, I hold that agreement has *not* been violated.

Now let me clarify - I am not convinced that Apple has any obligation to provide warranty support for any bricked iPhones that have been hacked in any way at all. I just don't agree that people who have SIM-unlocked iPhones have necessarily done anything illegal.

sachamun
Oct 10, 2007, 04:37 PM
All your desires and wishes aside, how can people be mad or frustrated with Apple when it was clear from day 1 that iphone would not support 3rd party apps? That was the deal, and you bought into it. If you get any more than that, you should be happy. I don't like it either, but if you don't like something, don't buy it.

iJed
Oct 10, 2007, 04:54 PM
I've just jailbroken and installed installer.app on my iPod touch using this guide (http://www.iphonealley.com/news/iphone-v1-1-1-jailbreak-apptapp-installation-guide). Its not yet the simplest process but it was by no means difficult. Took me about 30 mins to get fully working. Obviouly I did not do the iPhone only stuff.

Macsterling
Oct 10, 2007, 04:56 PM
I unlocked mine, and it is still 1.0.2 (as I fear that upgrading to 1.1.1 will brick it!) --

Is anyone else in this situation? I mean I love having it unlocked and with all the apps, but sure I'd like to have my cake and eat it too (unlocked/apps, AND 1.1.1)...

Thanks!


I had the installer.app on my first phone and it was cool and all but it seems some of those apps caused more problems and drained the battery faster. When I uninstslled some apps that I didn't like, I dont think it fully unistalled them. Take Navizon for example; when I reinstalled it, it still had all my settings still saved. It lead me to believe that even though I uninstalled it, it eas still somewhere on the phone. I just picked up a brand new phone that was already installed with 1.1.1 and I will keep it that way. People forget that it was Apple that brought us this cool phone and is still the phone to have. Apple continues to amaze us with their products and I know they will have some great apps for it soon. You just have to be patient. Yes Nintendo was cool and all but none of the people I ever showed really cared about that. It has plenty of Apps already to keep you plenty busy.

My new phone runs smoother and the battery lasts a whole hell of a lot longer than it did with all those 3rd party apps. The only thing I miss is being able to customize my icons and stuff but I would rather have a phone that I can update and keep secure than have that. Again Apple will have more apps out soon.

vga4life
Oct 10, 2007, 05:00 PM
Note: I am not an attorney and this is not legal advice, consult an attorney licensed in your jurisdiction blah blah blah.

Actually, we call it a contract for sale and performance of K, and when the box contains terms, that's part of the sale, just as when the transaction includes associative licenses to other property. Course of trade requires those terms be upheld, and performance is assent of perfection, all terms inclusive. Buying the product is tantamount to signature at common law in all 50 states.

Terms disclosed in advance of the sale? Printed on the outside of the box maybe? No? Hm. Yeah, good luck with that.

Neither of these sentences are true. Look it up. The terms are attached prior to sale (see UCC 2-204 et seq.) and no court has ever ruled EULAs unenforceable. Some courts have ruled specific provisions invalid and thus refused to uphold those specific requirements. There's a world of difference between what you're saying and reality.

Find me controlling precedent anywhere that says a license agreement not presented to or accepted by the user in the course of installation or use of software is binding on that user. (AFAIK it's possible to jailbreak, activate, install software on, and subsequently use an iphone without ever being presented with a license agreement.)

All the EULA-upholding cases I'm aware of, but especially ProCD and Blizzard, don't involve a factual question of whether the end user was presented with or accepted the license - that the user was presented with, and accepted, a clickwrap license was stipulated.

I'm saying that I believe nothing but the pre-disclosed terms of the sale bind the buyer of an iPhone until they've manifest acceptance of additional terms disclosed later by, e.g., clicking 'Agree' to the iTunes license.

Yes, once you agree to the additional terms, anything not unconscionable is probably enforceable - but no court that I'm aware of has ever held that by buying a box you are bound by the "mystery terms" inside until you have the opportunity to review those terms and subsequently accept them. (And if you reject them? Good luck getting your refund on opened software...)

matticus008
Oct 10, 2007, 05:02 PM
Matticus, in my interpretaton, you've got it exactly backwards.
So what, exactly, is it that you disagree with?

Installation of third party software is not against the iPhone SLA. Modification of your own firmware is not prima facie illegal.
People who "hack" their iPhone willy nilly with the open-ended intent of installing any arbitrary 3rd party application are in material breach of Apple's EULA.
Which people? Where?
As such, Apple, if it so chose, could sue all such people with copyright infringement, and would have a fair chance of winning.
They'd have to find them first, and they'd have to demonstrate a harm. Personal use allows people to add to software, provided they're not infringing on other rights in the process. Apple would be best served by going after the providers of such a hack, should it wish to pursue litigation. Instead, however, it's clear that the main tool is simply fixing the firmware via software update.
People whose sole intent in jailbreaking their iPhone was to install a piece of SIM-unlock software, are arguably NOT in violation of the EULA.
No, they're still in violation of the EULA. What they're not is liable for copyright damages as a result.
If those SIM-unlocked people have already activated a service agreement with AT&T, then they are still contractually required to pay the early termination fee or else they'll still be on the hook for paying the prescribed monthly service fees
Yes. What does that have to do with anything?
Only Apple's software EULA is applicable, and again, I hold that agreement has *not* been violated.
You just said that they did.
I just don't agree that people who have SIM-unlocked iPhones have necessarily done anything illegal.
Who said they had?

robbyx
Oct 10, 2007, 05:21 PM
True, but who says it has to stay that way? What if the colonial Americans were like that? If they were, there would be a USA. WHat we call Americans would all be English citizens right now.

You aren't seriously comparing the founding of the USA to hacking the iPhone, are you? That's laughable!

matticus008
Oct 10, 2007, 05:32 PM
Terms disclosed in advance of the sale? Printed on the outside of the box maybe?
You as a consumer are responsible for knowing the terms attached to a product. That includes all software licenses on products. If you have a concern about the terms, you are required to review them prior to purchase. If they are available to you (upon request, by visiting the website, or by any other reasonable means), the seller has fulfilled his obligation. This facilitates commerce.

Actual knowledge has never been held to be required. Notice and opportunity is present in the nature of the transaction.
Find me controlling precedent anywhere that says a license agreement not presented to or accepted by the user in the course of installation or use of software is binding on that user. (AFAIK it's possible to jailbreak, activate, install software on, and subsequently use an iphone without ever being presented with a license agreement.)
You do not need to be handed terms on a silver platter. Willful ignorance of terms does not excuse you from being bound to them--ignorantia juris non excusat. You are responsible for the terms you agreed to, whether you are actually aware or not. See Gateway 2000 v. Hill. I've already given you the controlling precedent. If you need further case law, look it up yourself. By the Mirror Image Rule, if you provide unequivocal assent through purchase, you have agreed to all terms attached. Whether you took the opportunity to read them or whether they were personally handed to you is immaterial to objective intent (Allied Steel v. Ford; White v. Corlies).
All the EULA-upholding cases I'm aware of, but especially ProCD and Blizzard, don't involve a factual question of whether the end user was presented with or accepted the license - that the user was presented with, and accepted, a clickwrap license was stipulated.
You're misusing 'stipulate' and 'factual question'. You're also misunderstanding the nature of the cases. Once again, there has never been a court decision which said that EULAs are unenforceable.
I'm saying that I believe nothing but the pre-disclosed terms of the sale bind the buyer of an iPhone until they've manifest acceptance of additional terms disclosed later by, e.g., clicking 'Agree' to the iTunes license.
No. That is not the presumption of transactions under the UCC. Unless you give a specific counteroffer or issue qualified assent, you are accepting the offer including all of its terms. Had you made a counteroffer, it would be rejected, and thus the only way to possess the device legally is by agreeing to its terms.
I'm aware of has ever held that by buying a box you are bound by the "mystery terms" inside until you have the opportunity to review those terms and subsequently accept them.
That's because no software contains "mystery terms." The licenses are available for review prior to purchase and include remedies for disputes arising under those licenses. No court has ever needed to pursue the question since the 1980s. You are not barred from knowing the terms, nor are they disclosed contingent on purchase--you're free to request them beforehand and thus the conditions of Step-Saver no longer exist.

Purchasing and retaining the product indicates assent to contraction and is valid under 2-606. The sole exception in the Klocek case regards a term that is not part of the course of trade and is therefore unusual, requiring specific and express assent to that mandatory arbitration clause. There was no discussion as to whether the included terms were invalid (they were). The only issue was that the agreement included a waiver of rights normally retained. You cannot establish that you normally have full rights over a software purchase, and thus the law follows that the contract does not limit rights which are customarily reserved by the purchaser.

EagerDragon
Oct 10, 2007, 05:59 PM
You as a consumer are responsible for knowing the terms attached to a product. That includes all software licenses on products. If you have a concern about the terms, you are required to review them prior to purchase. If they are available to you (upon request, by visiting the website, or by any other reasonable means), the seller has fulfilled his obligation. This facilitates commerce.

Actual knowledge has never been held to be required. Notice and opportunity is present in the nature of the transaction.

You do not need to be handed terms on a silver platter. Willful ignorance of terms does not excuse you from being bound to them--ignorantia juris non excusat. You are responsible for the terms you agreed to, whether you are actually aware or not. See Gateway 2000 v. Hill. I've already given you the controlling precedent. If you need further case law, look it up yourself. By the Mirror Image Rule, if you provide unequivocal assent through purchase, you have agreed to all terms attached. Whether you took the opportunity to read them or whether they were personally handed to you is immaterial to objective intent (Allied Steel v. Ford; White v. Corlies).

You're misusing 'stipulate' and 'factual question'. You're also misunderstanding the nature of the cases. Once again, there has never been a court decision which said that EULAs are unenforceable.

No. That is not the presumption of transactions under the UCC. Unless you give a specific counteroffer or issue qualified assent, you are accepting the offer including all of its terms. Had you made a counteroffer, it would be rejected, and thus the only way to possess the device legally is by agreeing to its terms.

That's because no software contains "mystery terms." The licenses are available for review prior to purchase and include remedies for disputes arising under those licenses. No court has ever needed to pursue the question since the 1980s. You are not barred from knowing the terms, nor are they disclosed contingent on purchase--you're free to request them beforehand and thus the conditions of Step-Saver no longer exist.

Purchasing and retaining the product indicates assent to contraction and is valid under 2-606. The sole exception in the Klocek case regards a term that is not part of the course of trade and is therefore unusual, requiring specific and express assent to that mandatory arbitration clause. There was no discussion as to whether the included terms were invalid (they were). The only issue was that the agreement included a waiver of rights normally retained. You cannot establish that you normally have full rights over a software purchase, and thus the law follows that the contract does not limit rights which are customarily reserved by the purchaser.

As always, well said. I wish more people would read your posts instead of assuming they have ceirtain imagined rights.

blackcrayon
Oct 10, 2007, 06:29 PM
I had the installer.app on my first phone and it was cool and all but it seems some of those apps caused more problems and drained the battery faster. When I uninstslled some apps that I didn't like, I dont think it fully unistalled them. Take Navizon for example; when I reinstalled it, it still had all my settings still saved. It lead me to believe that even though I uninstalled it, it eas still somewhere on the phone.


Preference files. Same way it usually works on Mac OS X.



I just picked up a brand new phone that was already installed with 1.1.1 and I will keep it that way.

<cut>

My new phone runs smoother and the battery lasts a whole hell of a lot longer than it did with all those 3rd party apps. The only thing I miss is being able to customize my icons and stuff but I would rather have a phone that I can update and keep secure than have that. Again Apple will have more apps out soon.

I have a hard time believing that battery life is really affected much- using apps that don't run unless you launch them, and that for the most part *pause* when you return back to the main screen (try running top and watching the cpu usage of the different apps on the phone). The only way my iPhone has lost battery life from 3rd party apps is that I have a lot more that i can actually do with it ;)
(Ok, i won't rule out some other mechanism, but it just doesn't seem like it would make much difference other than for obvious reasons like you're playing long NES sessions on the phone ;)

vga4life
Oct 10, 2007, 07:49 PM
See Gateway 2000 v. Hill.

Thanks for taking the time to respond. I am learning something here, disillusioning though it may be. (Like I said - I'm not an attorney, please forgive my clumsy use of terms of art.)

I'd forgotten Gateway 2000, of course. By that court's logic, one party can impose terms on another unilaterally, after the contract has been agreed to, and assume silence as consent - and impose significant additional costs to the other party should they reject the additional terms (e.g. the costs of returning the hardware, or the cost of the software that's non-returnable once opened - the retailer doesn't care you're returning software because you didn't like the EULA.)

Bunk in my book, but possibly the law as it stands today, at least in some places.

MacToddB
Oct 10, 2007, 08:34 PM
Well, I don't think a tantrum ever gets you what you want. And it certainly never earns you respect.

The only way third party application development is EVER going to happen for the iPhone is if Apple releases an SDK. Otherwise, hack it all you want, but you constantly run the risk of Apple shutting you down. And I don't know about you, but I use/buy third party applications because they add value and I know they will work. I wouldn't bother with a third party app that I knew might one day (soon) be rendered inoperable by a system update. What's the point?

Actually it seems like a little tantrum worked, re the $200 price drop... FYI, I was NOT one of those complaining...I felt I had generated $200+ benefit already as our software firm announced a web-based app that day, and we couldn't have been that far along had we waited for an iPhone. Indeed, the lower cost just meant more accessibility and buzz for our iPhone web app.

Likewise, the developers who have been working on native apps via hacks will be that much further ahead when Apple has a formal SDK. And they'll have the first mover advantage, street cred, testimonials, a user base, and most importantly, working product on day 1.

MacToddB
Oct 10, 2007, 08:48 PM
Correct.

And the number of people that installed 3rd party hacks and took the poll on one of the most popular mac web sites....

http://www.macpolls.com/?poll_id=560

4,851

Out of 1.X million iphones.


Okay... The same poll said 4,463 DID NOT install hacks. So, by your logic, 99.999% of iPhone's are running 3rd party apps! :p

Seriously, the reality is that, the last I checked, there were 119,061 MobileChat downloads, 70,000+ OpenSSH downloads, and countless installer.app downloads, not counting mirrors, and different hacks, and individuals hacking multiple iPhones for friends/commerce... a significant enough number that (1) Apple took harsh action with 1.1.1, and (2) they are talking about a formal 3rd party program. So while you might discount the numbers, they're high enough that Apple is paying attention. And that also points to the demand for a native iChat-type app.

In the end, we all want the same thing... for our iPhones to be the best they can be, in terms of security AND functionality. We're ALL fans of the iPhone...it's like Star Trek. I'm a fan of the original series but if you like Next Gen, that's fine with me. I prefer iPhone 1.0 while you might like 1.1.1.

taybo20
Oct 10, 2007, 09:37 PM
...they are a private company selling a product...

Technically they are public because their stock is traded on the public market. I think... Maybe publicly owned, privately operated.

twoodcc
Oct 10, 2007, 09:49 PM
well hopefully they'll get installer working with it soon.

ddubbo
Oct 11, 2007, 02:44 AM
The most funny thing is that took only two weeks to penetrate the "best browser in th world" and "best and most secure operation system"

emotion
Oct 11, 2007, 03:07 AM
The most funny thing is that took only two weeks to penetrate the "best browser in th world" and "best and most secure operation system"

I'll ignore the troll angle on that :)

I think the message you need to take from this is that no consumer OS is totally secure. Anyone who thinks OSX is impregnable should think again.

As it happens I consider OSX to be secure enough when patched correctly. For all those staying with previous versions of the OS for their Touch/iPhone should think about that for a second.

Would you run an unpatched version of XP, for example. I'd like to think most people would say "Of course not!".

blackcrayon
Oct 11, 2007, 05:55 AM
I'll ignore the troll angle on that :)

I think the message you need to take from this is that no consumer OS is totally secure. Anyone who thinks OSX is impregnable should think again.

As it happens I consider OSX to be secure enough when patched correctly. For all those staying with previous versions of the OS for their Touch/iPhone should think about that for a second.

Would you run an unpatched version of XP, for example. I'd like to think most people would say "Of course not!".

If the latest patch broke your Super Duper Half-Life IV: Chicken Sandwich Edition, and that was one of the primary reasons you used your PC in the first place, you might hold off on that patch ;) No sense in having a secure system that won't run the primary software you use that system for (of course that's up to the individual in each case).

123
Oct 11, 2007, 06:33 AM
4,851

Out of 1.X million iphones.

1.X million iphones? Apple only sold 9500 iphones. The poll says so.

guzhogi
Oct 11, 2007, 09:41 AM
You aren't seriously comparing the founding of the USA to hacking the iPhone, are you? That's laughable!

Not hacking the iPhone, but rather people's apathy today. It seems like so many people today just take what's out there (phones, work, food, whatever) and not do anything to change it for the better. So many people are like "Oh, well. What can I do? I'm onlt 1 person," or don't see how it benefits them enough.

I remember a scene from the movie "Runaway Jury" where the jury is arguing about whether to give this widow a bunch of money b/c her husband was killed by someone w/ a gun. Some of the jurists said that having the gun company may millions of dollars in punitive damages to the widow won't bring back her husband. I get that. But no one ever thinks of it the opposite way: preventing more people from getting shot. So what I'm saying is one main reason people don't fix things is b/c they think about undoing the current damages, not about preventing more damage.

That's what I'm comparing the founding of the US to: not just iPhone hacking, but people's apathy towards change in general.

Nym
Oct 11, 2007, 11:19 AM
Unfortunately this whole "Apple/iPhone/Firmware Hackers" is becoming just like the "Sony/PSP/Homebrew Scene".

The truth is... if you lock something, chances are that it's just a matter of time until someone cracks it open, hurting the company that builds the product. That's why I seriously think that Apple needs to open up the iPhone, they should sell apps via iTunes and eventually earn money from the people who only want an unlocked iPhone.

Personally, I won't buy an iPhone until it becomes unlocked, which I hope that Apple is at least considering doing.. they DO NOT want to end up like Sony battling against firmware hackers which end up winning in the long run.

If Apple opens up the iPhone, sales will be even bigger.. and with a cool service to buy apps from iTunes.. they get yet another source of revenue.

I mean, I don't know if I'm making sense but this feels like logic 101 to me, and it makes customers happy, which is what leads to profit.

MagnusVonMagnum
Oct 11, 2007, 01:30 PM
You have have obviously made a decision to remain in the past. This appears to be be the only way to move forward and it is basically on a course of disaster if you so chose to embark on it. I certainly would not.

He's doing that so his iPhone doesn't get bricked by Apple (which it would as soon as he updated it). So you're saying you would go ahead with the future and brick your iPhone if you were in his shoes? That doesn't sound like a good idea to me at all....

Whether you agree with him unlocking the phone in the first place is beside the point. Apple chose to brick iPhones and he chose to unlock his. Apple has chosen for him to not 'move forward'. There is no greater "disaster" than a bricked iPhone so your comments make zero sense.

Doctor Q
Oct 11, 2007, 03:34 PM
The truth is... if you lock something, chances are that it's just a matter of time until someone cracks it open, hurting the company that builds the product.Conversely, cracks tend to stop working as the product evolves, whether the company causes that on purpose or it's just a side effect of new hardware, software, and firmware.

So it may just be "the way of things" that some people will get away with having more than the company intended for each new product, but only temporarily. And if those users, by their tech-oriented nature, eventually upgrade to a newer model, then squeeze extra features out of it too, the company has suffered delayed sales, not necessarily lost sales, while the users have indeed paid extra for their extra features, in the form of increased effort, more risk, and less support.

goosnarrggh
Oct 11, 2007, 04:02 PM
So what, exactly, is it that you disagree with?
I disagree with your assertion that installing arbitrary 3rd party software on the iPhone is not illegal.

The act of installing arbitrary 3rd party software by any mechanism we are currently aware of, requires modification of the firmware provided by Apple. Doing so is expressly in violation of the EULA, "except as ... pemitted by applicable law" (direct quote from the EULA). You do not own the Apple-provided software on the iPhone; it is licensed to you. In using that software in a way that is not provided for under the license agreement, you are infringing on Apple's copyright. Illegal.

http://images.apple.com/legal/sla/docs/iphone.pdf

Installation of third party software is not against the iPhone SLA. Modification of your own firmware is not prima facie illegal.
Yes it is, because in order to install your own software, you'd first have to modify Apple's software. Doing so for any purposes that are not specifically permitted under "applicable law" is a violation of the EULA.

Which people? Where?
Any people anywhere who have modified the iPhone firmware in the act of installing 3rd-party software on the iPhone that is not specifically exempted.

They'd have to find them first, and they'd have to demonstrate a harm. Personal use allows people to add to software, provided they're not infringing on other rights in the process. Apple would be best served by going after the providers of such a hack, should it wish to pursue litigation. Instead, however, it's clear that the main tool is simply fixing the firmware via software update.
And that is very generous of them. Ideally, Apple should have deliberately bricked anybody who jailbroke the iPhone (and in my opinion, this is the ironic part in light of recent events) and then proceeded to do anything beyond installing a SIM unlock.

No, they're still in violation of the EULA. What they're not is liable for copyright damages as a result.
The EULA is a license. It exists solely as a means of specifying the terms under which an Intellectual Property owner assigns permission to the end user to make use of that intellectual property. It disallows any modifications of the Apple-provided software, except as permitted under applicable law.

A DMCA exemption exists which allows firmware modifications to be made specifically for the purpose of network modifications. That is the "applicable law" which causes SIM-unlocking to be permissible under the EULA.

The network carrier (AT&T) doesn't show up anywhere in the EULA.

I have not yet seen any applicable law which would establish that firmware modifications for any other purposes would be exempted.

Yes. What does that have to do with anything?
I was attempting to preemptively defend my argument against anybody who might come along and try to shoot the entire thing down by bringing up the spectre of AT&T.

You just said that they did.
Clearly we're failing to communicate.
I said that anybody who modified the iPhone exclusively for achieving the SIM unlock was specifically NOT violating the EULA.

Anybody who modified the iPhone firmware for any other reason specifically WAS violating the EULA.

Who said they had?
The way I interpreted your comments, I thought you had said that. If I was incorrect in my interpretation, then I apologize.

Apparently we're both suffering from a case of hearing problems, because it seems to me that maybe you didn't fully grasp what I had been saying either.

vga4life
Oct 11, 2007, 04:07 PM
Ideally, Apple should have deliberately bricked anybody who jailbroke the iPhone (in my opinion, ironic in light of recent events) for any reason other than SIM unlocks.

Geez, aren't you a bundle of sunshine? You must have tons of friends with an attitude like that.

goosnarrggh
Oct 11, 2007, 04:21 PM
Geez, aren't you a bundle of sunshine? You must have tons of friends with an attitude like that.

Ok, on sober second thought, I think I'd change "..should have bricked..." to "...would have been justified in bricking..."

In my version of the best possible world, I personally would have preferred seeing no phones get bricked at all.
All 3rd-party apps removed and SIM unlocks undone? I could probably hesitantly swallow it.
Bricked? I would have preferred not.

matticus008
Oct 11, 2007, 06:34 PM
By that court's logic, one party can impose terms on another unilaterally, after the contract has been agreed to, and assume silence as consent
Not at all. You can't impose a unilateral contract after the fact at all without a new acceptance. The issue is one of timing. The offer includes terms delivered with the product. Your acceptance is acceptance of those included terms, regardless of whether you ask for them or whether you read them beforehand (there are certain kinds of agreements which must be executed in writing by signature [usually credit and land purchase, but almost never personalty]).

You're looking at what the customer actually knew at the time of agreement, rather than what they were responsible for knowing. In order for your scenario to exist, they would have to send supplemental terms after the acceptance (and in order to demonstrate that, they'd have to show how the terms were different from those available beforehand).
impose significant additional costs to the other party should they reject the additional terms (e.g. the costs of returning the hardware, or the cost of the software that's non-returnable once opened
The retailer isn't a factor if they're separate from the manufacturer. The cost of returning the hardware is bargained for in the purchase agreement by way of the store's return policy. More to the point, though, there are still no additional terms. They are the same terms attached to the original offer. They do not become additional merely because the offeree has not yet chosen to read them.
I disagree with your assertion that installing arbitrary 3rd party software on the iPhone is not illegal.
It is not. The installation of software is not illegal. The installation by illegal means would be, but the factor there is the illegal means, not the installation. Do you see the difference?

In using that software in a way that is not provided for under the license agreement, you are infringing on Apple's copyright. Illegal.
You're still mixing up the relevant acts. Installation of third party software is not barred by license, nor would it be enforceable in the agreement. Hacking the firmware to do so would be in violation, but you don't prosecute end users for running executables that otherwise have no consequences. If you install the "Sketches" application, you don't have the unclean hands of breaking prohibitions on reverse engineering. The person(s) who wrote and distributed the software are your targets. Yes, you can sue the end user if you really want to, but what relief would you get? An injunction against the end users is worthless; most customers are relatively judgment proof in damages; making the case is much, much harder; it's bad policy. They're small fish, and not worth it.

Yes it is, because in order to install your own software, you'd first have to modify Apple's software.
It's the modification you're talking about, not the installation. You can't punish someone for doing something which merely includes an unlawful act. You can't sue me for "flying to Florida" if while in Florida, I burn down your vacation home.
I have not yet seen any applicable law which would establish that firmware modifications for any other purposes would be exempted.
Personal use at common law allows for a wide variety of personal, noncommercial, private acts. Basically, anything you do without interfering with someone else's rights is fair game--when that act becomes public, or when it interferes with commercial interests, it is no longer personal use and no longer protected. This is a due process issue. You're not doing anything wrong if you modify your phone yourself. If you distribute those modifications for others, if you undermine or compete with Apple's ability to sell/control/profit from/uphold their own agreements, or if your modification causes damage, interruption, or otherwise acts strangely on a network, then there's the threshhold where you're in trouble.
it seems to me that maybe you didn't fully grasp what I had been saying either.
I understand what you're arguing (some of which is correct and some of which is arguable but impractical, and some of which is just wrong), but you don't understand that you're not actually saying what you mean. Be more precise when making a legal argument.

vga4life
Oct 11, 2007, 09:46 PM
You're looking at what the customer actually knew at the time of agreement, rather than what they were responsible for knowing. In order for your scenario to exist, they would have to send supplemental terms after the acceptance (and in order to demonstrate that, they'd have to show how the terms were different from those available beforehand).

I see. ProCD held that the terms inside are binding after the buyer has the opportunity to read them and reject them by returning the product. Gateway 2000 held that no notice of additional terms within was required since the buyer had the opportunity to discover those terms even though the box didn't warn them they existed; the contract being formed not when payment was rendered but when the box was opened and the additional terms were presented. (The court did sidestep the issue of whether and how the cost of returning the computer could be recovered - rather dismissively I thought in an era where that shipping would be a rather large fraction of the cost of the computer in the first place, at least for a low-end consumer model.)

The retailer isn't a factor if they're separate from the manufacturer. The cost of returning the hardware is bargained for in the purchase agreement by way of the store's return policy. More to the point, though, there are still no additional terms. They are the same terms attached to the original offer. They do not become additional merely because the offeree has not yet chosen to read them.

I understand - it would seem that a purchaser of any good under the Gateway 2000 logic has a duty to inquire about additional terms concealed within the packaging of any product if one is remotely concerned about the prospect of additional consideration owed (i.e. you didn't just buy that can opener, you agreed to pay Black & Decker $10/month for 24 months for can-opener technical support. Sorry you didn't ask first. If you disagree, please return this device to the manufacturer - Guangzhou Small Appliance Factory #12 - by air freight.), or the availability of any remedy (indemnify and hold harmless for any defect even caused by gross negligence, not fit for any purpose, will cause early death, all disputes to be arbitrated before an independent panel of our shareholders, etc etc - even if it every term doesn't stick it's all severable and you have to litigate to find out.)

As an aside, the comment that the computer in Gateway 2000 would be "useful only as a boat anchor" without its included software and so limiting ProCD to software wouldn't have helped the Hills is deeply wrong for obvious reasons - plenty of people buy computers with no intention of ever using the included operating system software in any capacity. This doesn't reflect well on the court's understanding of technology, but I guess that's par for the course.

matticus008
Oct 11, 2007, 10:18 PM
Gateway 2000 held that no notice of additional terms within was required since the buyer had the opportunity to discover those terms even though the box didn't warn them they existed
More accurately, there was no notice of terms required because there were no additional terms. A consumer product comes with a warranty; products with software come with license agreements; products that require a separate service (Tivo, cell phones, cable TV, OnStar, etc.) come with a service agreement. These terms are part of the sale of these products based on their nature.
the contract being formed not when payment was rendered but when the box was opened and the additional terms were presented.
Almost. The contract was formed when consideration was exchanged (the moment they paid). The contract was perfected upon delivery of goods. For all legal purposes in accordance with the OTC, your assent ends the question, regardless of whether or not you've been "presented" with terms (unless you are forced to contract and denied access to the terms--note these are active verbs and do not apply where the Offeree was simply irresponsible or negligent).
The court did sidestep the issue of whether and how the cost of returning the computer could be recovered - rather dismissively
It wasn't germane to any claim in the case. The vendor's return policy governs, and it was not at issue. When you purchase by mail, you assume the risk involved in dealing with remote sellers. That includes cross-shipping or return shipping costs as required by the seller's policies, something you agreed to by entering into the transaction.
I understand - it would seem that a purchaser of any good under the Gateway 2000 logic has a duty to inquire about additional terms
Again, not additional terms. "Additional or different terms" is a term of art that does not apply here. These are part of the original, bargained-for terms that the offeree simply did not read.
(i.e. you didn't just buy that can opener, you agreed to pay Black & Decker $10/month for 24 months for can-opener technical support.
That would be a different situation entirely, because a sales transaction is settlement in full of all accounts. If you are entering into a service agreement for additional consideration, that's a separate event and a separate contract.
As an aside, the comment that the computer in Gateway 2000 would be "useful only as a boat anchor" without its included software and so limiting ProCD to software wouldn't have helped the Hills is deeply wrong for obvious reasons
Be thankful for that presumption, though. Without it, courts would not hesitate to bring down the hammer on consumers--if you didn't need the software, you wouldn't really be harmed. The idea that the software is necessary is a fundamental component in most attacks on various EULA provisions where hardware was purchased with software attached. It is less important in pure software transactions.

psxndc
Oct 12, 2007, 05:08 AM
Unfortunately this whole "Apple/iPhone/Firmware Hackers" is becoming just like the "Sony/PSP/Homebrew Scene".

The truth is... if you lock something, chances are that it's just a matter of time until someone cracks it open, hurting the company that builds the product. That's why I seriously think that Apple needs to open up the iPhone, they should sell apps via iTunes and eventually earn money from the people who only want an unlocked iPhone.


Hmmm.... an interesting quote. I bought a PSP-Slim recently. I loved it so much, I bought an original one just so I could put homebrew stuff on it (while keeping the slim "legit" in case there is ever a major problem with playing games on the other). Now, while _I_ buy all my games and only rip PSX games I own, sadly I realize that is not why a lot (I don't know percentages) of other people that go the hombrew route.

My point is, is it demonstrable that hacking a piece of hardware hurts the company? In my case, Sony sold an extra PSP and I'm going around to all my friends gushing about home much I love this thing. A friend of mine might buy one now (not for homebrew - she just wants portable Puzzle Fighter).

*shrug*

-p-