Go Back   MacRumors Forums > News and Article Discussion > iOS Blog Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Sep 28, 2007, 10:12 PM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Security Updates in iPhone 1.1.1



Aside from the new features found in iPhone 1.1.1, CNet details the important security fixes that accompanied the 1.1.1 upgrade.

Some may be planning on keeping their 1.0.2 iPhones for various reasons (unlocking, 3rd party software), but you should be aware of the number of vulnerabilities that are patched in the newest iPhone update.

Many of the issues affect Safari, with 7 distinct issues being addressed.

Article Link
MacRumors is offline   0 Reply With Quote
Old Sep 28, 2007, 10:24 PM   #2
mapezzul
macrumors newbie
 
Join Date: Sep 2007
Thanks Arn for posting this up..... not sure how many people look at CNET for Mac info.
The security holes alone make up for this loss of 3rd party apps. Also brings to light that the iPhone safari is not as solid as the OSX version.

Hope people will realize that the patching for 1.1.1 secured the phone up for other reasons rather than just breaking unlocking and 3rd party apps. Hacking phones for exploits will be the next wave of viruses (more so than in the past and currently). I just hope Apple can keep up for my contacts and mysake.

-Map
mapezzul is offline   0 Reply With Quote
Old Sep 28, 2007, 11:31 PM   #3
synth3tik
macrumors 68040
 
synth3tik's Avatar
 
Join Date: Oct 2006
Location: Minneapolis, MN
Send a message via AIM to synth3tik
Damn Apple, putting secuity updats in the 1.1.1 update. Making us update our phones, keepinh us down.
synth3tik is offline   0 Reply With Quote
Old Sep 28, 2007, 11:32 PM   #4
Demon
macrumors regular
 
Join Date: Feb 2004
Location: on earth
Send a message via AIM to Demon
In that case, does the iPod touch face the same security problems with safari? and does the "touch" update address those vulnerabilites?
I'm still torn with whether to get the touch or wait for another hack for the iPhone. damn it, sometimes these small things make me want to move back to the US.
But... i'm quite happy to be away the "Bushlands" at the moment
__________________
Apple user since 1984, Apple IIe clone
Demon is offline   0 Reply With Quote
Old Sep 29, 2007, 04:07 AM   #5
elppa
macrumors 68040
 
elppa's Avatar
 
Join Date: Nov 2003
Quote:
Originally Posted by Demon View Post
In that case, does the iPod touch face the same security problems with safari? and does the "touch" update address those vulnerabilites?
I'm still torn with whether to get the touch or wait for another hack for the iPhone. damn it, sometimes these small things make me want to move back to the US.
But... i'm quite happy to be away the "Bushlands" at the moment
Touch will be fine, it runs the latest software.
elppa is offline   0 Reply With Quote
Old Sep 29, 2007, 06:05 AM   #6
ogee
macrumors 6502
 
Join Date: Nov 2006
Location: Earth.
So I can remain at 1.0.2 but still use my iPhone with security flaws or upgrade to 1.1.1 and have a nice looking paperweight......


I will wait for the 1.1.1 hacks first.
ogee is offline   0 Reply With Quote
Old Sep 29, 2007, 06:55 AM   #7
eddiebrock
macrumors member
 
Join Date: Sep 2007
Don't worry 1.0.2 users, even these security "fixes" don't justify moving to 1.1.1.


Quote:
Bluetooth
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3753. By sending maliciously crafted Service Discovery Protocol (SDP) packets to an iPhone with Bluetooth enabled, an attacker within range may be able to trigger the issue, which may in turn lead to unexpected application termination or arbitrary code execution. Apple credits Kevin Mahaffey and John Hering of Flexilis Mobile Security for reporting this vulnerabliity.
Solution: Turn off Bluetooth in "Settings"

Quote:
Mail man-in-the-middle attack
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3754. When Mail is configured to use SSL for incoming and outgoing connections, it does not warn the user when the identity of the mail server has changed or cannot be trusted and could lead to a man-in-the-middle attack.
Solution: Use Yahoo Mail (which doesn't operate on SSL) or check your mail through Safari

Quote:
Mail telephone link
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3755. "By enticing a user to follow a telephone link in a mail message, an attacker can cause iPhone to place a call without user confirmation." Apple credits Andi Baritchi of McAfee for reporting this vulnerability.
Solution: Key word here is "enticing." Anyone that is stupid enough to click a link from an unknown email deserves what they get. Delete the message. And LOL, "Oh my god, it's making me dial a phone number!!! Aaaah!" Dude, just hit end call and the world will go on.

Quote:
Safari 1
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3756. "A design issue in Safari allows a Web page to read the URL that is currently being viewed in its parent window. By enticing a user to visit a maliciously crafted Web page, an attacker may be able to obtain the URL of an unrelated page." Apple credits Michal Zalewski of Google and Secunia Research for reporting this issue.
Solution: Oooh, they read my URL! I'm gonna die! So what if they know what URL I'm looking at in another window? For secure websites (banks, etc) knowing a URL is not enough because when you go to another computer and even just copy-paste that URL in, it will always ask you for some sort of authentication. And don't click on a link that could be from a malicious source.

Quote:
Safari 2
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3757. "Safari supports telephone ("tel:") links to dial phone numbers. When a telephone link is selected, Safari will confirm that the number should be dialed. A maliciously crafted telephone link may cause a different number to be displayed during confirmation than the one actually dialed. Exiting Safari during the confirmation process may result in unintentional confirmation." Apple credits Billy Hoffman and Bryan Sullivan of HP Security Labs (formerly SPI Labs) and Eduardo Tang for reporting this issue.
Solution: Again, not sure why you would click a random phone number while browsing the web. Write the number down and use good old keypad!

Quote:
Safari 3
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3758. "A cross-site scripting vulnerability exists in Safari that allows malicious Web sites to set JavaScript window properties of Web sites served from a different domain. By enticing a user to visit a maliciously crafted Web site, an attacker can trigger the issue, resulting in getting or setting the window status and location of pages served from other Web sites." Apple credits Michal Zalewski of Google for reporting this issue.
Solution: I'm not really sure how this applies if JavaScript is disabled in iPhone Safari. Isn't that the case here? If JavaScript is enabled, again it's the same as if you're browsing a normal computer - DON'T VISIT THOSE "ENTICING" WEBSITES!!! DUH!

Quote:
Safari 4
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3759. "Safari can be configured to enable or disable JavaScript. This preference does not take effect until the next time Safari is restarted. This usually occurs when the iPhone is restarted. This may mislead users into believing that JavaScript is disabled when it is not."
Solution: Again, I could have sworn JavaScript didn't work on the iPhone? But even if it does, now we know the fix - just restart the phone when you change your Safari settings. Not too hard. And if you CAN disable or enable JavaScript, just keep it disabled! I heard JavaScript is pretty much useless on teh iPhone anyway.

Quote:
Safari 5
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3760. "A cross-site scripting issue in Safari allows a maliciously crafted Web site to bypass the same-origin policy using "frame" tags. By enticing a user to visit a maliciously crafted Web page, an attacker can trigger the issue, which may lead to the execution of JavaScript in the context of another site." Apple credits Michal Zalewski of Google and Secunia Research for reporting this issue.
Solution: Again, "enticing." Just keep JavaScript disabled when you want to mess around with "malciously crafted web pages"

Quote:
Safari 6
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-3761. "A cross-site scripting issue in Safari allows JavaScript events to be associated with the wrong frame. By enticing a user to visit a maliciously crafted Web page, an attacker may cause the execution of JavaScript in the context of another site."
Solution: Yet AGAIN, "enticing." Disable JavaScript when you want to be stupid and visit these malicious sites!

Quote:
Safari 7
This patch affects users of Apple iPhone and addresses the vulnerability in CVE-2007-4671. "An issue in Safari allows content served over HTTP to alter or access content served over HTTPS in the same domain. By enticing a user to visit a maliciously crafted Web page, an attacker may cause the execution of JavaScript in the context of HTTPS Web pages in that domain." Apple credits Keigo Yamazaki of Little Earth Corporation for reporting this issue.
Solution: Why would you be visiting malicious sites in one window and having a secure HTTPS site open in another! The easy way out is to just have one window open when you are browsing an https site. And again, if you are suspicious about a site, close everything else! Sheesh!

So basically, none of these updates justify 1.0.2 users whose phones are unlocked to upgrade. They're all stuff that is useful to know for sure, but doesn't need the upgrade - they can be prevented by mere common sense. Don't be "enticed" to visit weird, potentially malicious websites on your iPhone - something I don't even do on my regular computer.

Or better yet, don't think of your iPhone as a replacement for your computer! If you like to "browse malicious websites" and click on random links that you have no idea about, maybe the iPhone isn't for you
eddiebrock is offline   0 Reply With Quote
Old Sep 29, 2007, 08:57 AM   #8
nismo
macrumors member
 
Join Date: Aug 2007
this guy speaks the truth
nismo is offline   0 Reply With Quote
Old Sep 29, 2007, 09:06 AM   #9
megfilmworks
macrumors 68020
 
megfilmworks's Avatar
 
Join Date: Jul 2007
Location: Sherman Oaks
 
I must be missing something, I should not update my iphone and jump through all these hoops just so I can have a few silly 3rd party apps or another rip off carrier?
__________________
MacPro Waste Basket 12 Core, Macbook Pro 15" RD
iPhone 5s - iPhone Gen1 - iPod Gen1 - iPad Gen1
ATV - Time Capsule - BlackMagic - RED - Arri - FCPX
DA42 - BE G58
megfilmworks is offline   0 Reply With Quote
Old Sep 29, 2007, 09:10 AM   #10
eddiebrock
macrumors member
 
Join Date: Sep 2007
^^Since I've already said enough in this thread...I'll leave it to the folks at Wired Magazine to sum it up best:



Yeah, all those seem pretty "silly" to me too. And yeah, all the other carriers just "rip off" AT&T!
eddiebrock is offline   0 Reply With Quote
Old Sep 29, 2007, 09:35 AM   #11
Mark Scheuern
macrumors member
 
Join Date: Jul 2007
Location: Michigan
Quote:
Originally Posted by eddiebrock View Post
Solution: Turn off Bluetooth in "Settings"
That doesn't help much if you actually want to use Bluetooth.

Quote:
Solution: Oooh, they read my URL! I'm gonna die! So what if they know what URL I'm looking at in another window? For secure websites (banks, etc) knowing a URL is not enough because when you go to another computer and even just copy-paste that URL in, it will always ask you for some sort of authentication. And don't click on a link that could be from a malicious source.
A URL using the GET request can contain a query string which certainly can reveal sensitive information.

Quote:
Solution: Again, not sure why you would click a random phone number while browsing the web. Write the number down and use good old keypad!
The problem is that it's not a "random" phone number you're clicking on, it could be one familiar to you and the one actually dialed could be a different one.

Quote:
Solution: Again, I could have sworn JavaScript didn't work on the iPhone? But even if it does, now we know the fix - just restart the phone when you change your Safari settings. Not too hard. And if you CAN disable or enable JavaScript, just keep it disabled! I heard JavaScript is pretty much useless on teh iPhone anyway.
JavaScript works fine with Safari on the iPhone. I can see where thinking you've turned off JavaScript and it still being on could be a problem. Why would a user have the expectation that they need to restart before the change takes place if the menus say otherwise?

Quote:
Solution: Why would you be visiting malicious sites in one window and having a secure HTTPS site open in another! The easy way out is to just have one window open when you are browsing an https site. And again, if you are suspicious about a site, close everything else! Sheesh!
Why wouldn't you? It's not as if malicious sites greet you with "Hi, I'm a malicious web site!"

Quote:
So basically, none of these updates justify 1.0.2 users whose phones are unlocked to upgrade. They're all stuff that is useful to know for sure, but doesn't need the upgrade - they can be prevented by mere common sense. Don't be "enticed" to visit weird, potentially malicious websites on your iPhone - something I don't even do on my regular computer.
I disagree. Some of these look like significant security problems to me and expecting users to get around them by avoiding things they may actually need like Bluetooth, JavaScript, SSL-encryped email, etc. is unreasonable, IMO. Not using the functionality built into the phone or jumping through hoops to get around security problems is not something most people would want to do.

Quote:
Or better yet, don't think of your iPhone as a replacement for your computer! If you like to "browse malicious websites" and click on random links that you have no idea about, maybe the iPhone isn't for you
Or update it to 1.1.1. Or never turn it on. The update option seems most reasonable to me.
Mark Scheuern is offline   0 Reply With Quote
Old Sep 29, 2007, 09:39 AM   #12
megfilmworks
macrumors 68020
 
megfilmworks's Avatar
 
Join Date: Jul 2007
Location: Sherman Oaks
 
The list of hacked apps doesn't interest me at all. My iPhone is, to me, an iPod first and foremost, so I want the wifi iTunes store. Why not just use a Palm or BBE product if you want a lot of silly apps? And as far as carriers go, there are no large differences, they are ALL rip offs.
__________________
MacPro Waste Basket 12 Core, Macbook Pro 15" RD
iPhone 5s - iPhone Gen1 - iPod Gen1 - iPad Gen1
ATV - Time Capsule - BlackMagic - RED - Arri - FCPX
DA42 - BE G58
megfilmworks is offline   0 Reply With Quote
Old Sep 29, 2007, 09:48 AM   #13
Demon
macrumors regular
 
Join Date: Feb 2004
Location: on earth
Send a message via AIM to Demon
Yeah, i agree about the price plans in the US.
I pay about 7 USD per month for 2G service, includes voicemail, SMS, caller ID, etc etc. Basic stuff.
Meanwhile the basic price for iPhone is... what? 60 USD?
__________________
Apple user since 1984, Apple IIe clone
Demon is offline   0 Reply With Quote
Old Sep 29, 2007, 10:39 AM   #14
cazlar
macrumors 6502
 
Join Date: Oct 2003
Location: Sydney, Australia
Quote:
Originally Posted by megfilmworks View Post
I must be missing something, I should not update my iphone and jump through all these hoops just so I can have a few silly 3rd party apps or another rip off carrier?
Ah, but while the 3rd party apps may not entice you at the moment, who's to say there won't be a "killer app" released next week? For example, someone demonstrated a proof-of-concept VoIP app recently - once that is polished up it could be huge.

And in regards to carriers, you are right in that all carriers seem to try to rip you off (more so in the US I've found), but many people have different uses for a phone. Personally, I don't use it enough to ever justify $60/month, and would love a PAYG option. Unfortunately, AT&T won't allow PAYG on iPhone, instead limiting it to their other GoPhone plan (which is basically the same price as the contract plan, minus the contract, with less minutes/txt/etc). My solution was to buy the phone, unlock and throw in my t-mobile PAYG SIM, and be up and running 30 minutes later. I lose EDGE and Visual voicemail, but that's fine by me.

In addition, it's surprising, but not everyone lives in the US. Anyone living (or regularly travelling) overseas needs to unlock their phone. While I currently live in the States, I won't forever, and also return home to Australia for holidays etc. There's no way I will pay roaming charges there when all I need to do is go to plug in a local SIM (which I can buy for $2 at the grocery store) into the unlocked phone. That AT&T's position is to NEVER unlock the phone (even at the end of the 2yr contract) made it intolerable to me. When I move back to Australia permanently, what would I do with my expensive paperweight? Again the solution was to unlock it myself.

So yes, for me at least, a "hacked" and unlocked phone is the ONLY way I would ever be able to buy an iPhone. And I'm very happy with mine at the moment. I'm currently less happy with the way Apple is clamping down, but that's a different rant.

To get back on-topic though, the forking of the iPhone population into two groups is terrible. Even though you can argue that the current security fixes are not huge, future ones may be, but the "hacker" population sticking happily on 1.0.2 won't be able to use these. I hope the dev team can find a way to let us all update safely (now and in the future).
cazlar is offline   0 Reply With Quote
Old Sep 29, 2007, 11:08 AM   #15
jt2ga65
macrumors regular
 
Join Date: Jul 2007
The people that don't want to hack their iPhones and are happy with the Apps that Apple has given to the users should update to 1.1.1 and ****. Their input adds no value to the people that hack their phone for one reason or another.

It is good information to know what security patches are included in the 1.1.1 update. This way people can judge if there is really a lot of risk in not updating. Looking at the list, I can see only one that COULD affect me, but the "man in the middle" attack is an EXTREMELY rare one. In fact, I have never seen it, or even heard of a case where it has happened, and I work in security for a large telco. Yes, we know that it COULD happen, but just never seen it.

The other ones are just common sense. I don't read email from people I don't know without first screening in a way that won't expose my computer to the vulnerabilities. Most of the time email from those people I don't know are caught in my web-based spam filters anyways. And I don't go clicking on every link that I come across.

-jt2
jt2ga65 is offline   0 Reply With Quote
Old Sep 29, 2007, 11:20 AM   #16
megfilmworks
macrumors 68020
 
megfilmworks's Avatar
 
Join Date: Jul 2007
Location: Sherman Oaks
 
Quote:
Originally Posted by jt2ga65 View Post
It is good information to know what security patches are included in the 1.1.1 update. This way people can judge if there is really a lot of risk in not updating. Looking at the list, I can see only one that COULD affect me, but the "man in the middle" attack is an EXTREMELY rare one. In fact, I have never seen it, or even heard of a case where it has happened, and I work in security for a large telco. Yes, we know that it COULD happen, but just never seen it.

The other ones are just common sense. I don't read email from people I don't know without first screening in a way that won't expose my computer to the vulnerabilities. Most of the time email from those people I don't know are caught in my web-based spam filters anyways. And I don't go clicking on every link that I come across.

-jt2
Is the hacker community as open as Apple is when it comes to what the software they provide actually does? Like IMEI changes?? I wish they would publish specifics so people can make an educated guess as whether to upload or not. I sure don't want to use unauthorized software that has little or no documentation. At this point i'll trust Apple over the dev team.
__________________
MacPro Waste Basket 12 Core, Macbook Pro 15" RD
iPhone 5s - iPhone Gen1 - iPod Gen1 - iPad Gen1
ATV - Time Capsule - BlackMagic - RED - Arri - FCPX
DA42 - BE G58
megfilmworks is offline   0 Reply With Quote
Old Sep 29, 2007, 11:24 AM   #17
Chip NoVaMac
macrumors G3
 
Chip NoVaMac's Avatar
 
Join Date: Dec 2003
Location: Northern Virginia
Quote:
Originally Posted by megfilmworks View Post
The list of hacked apps doesn't interest me at all. My iPhone is, to me, an iPod first and foremost, so I want the wifi iTunes store. Why not just use a Palm or BBE product if you want a lot of silly apps? And as far as carriers go, there are no large differences, they are ALL rip offs.

I do like some of the apps listed, but for me some of the changes in 1.1.1 will be worth waiting for the hackers to catch up with this update:

- Louder speakerphone and receiver volume
- Home Button double-click shortcut to phone favorites or music controls
- Space bar double-tap shortcut to intelligently insert period and space
- Mail attachments are viewable in portrait and landscape
- Preference to turn off EDGE/GPRS when roaming internationally

For many the iPhone is not first an iPod device. Apple has teased us with a great device that puts Palm and BB devices to shame. Some of the apps listed in the graphic from Wired are ones that the iPhone is well suited for; and desired by many I figure:

- eBook reader
- Instant Messaging
- Global Positioning

At least here in the US, we only have the choice of AT&T and T-Mobile for our iPhones. Of the two, AT&T is the strongest IMO.

In the end I look at the iPhone and iPod Touch being test beds for something bigger from Apple next year. Given the rumors of Apple working on a PDA device.

Using the current lineup and pricing of the iPhone and Touch, my guess for next year is:

- iPod Touch 8gb - $299
- iPhone 8gb - $399
- "iOrganizer" 8gb - $399
- iPhone2 (with "iOrganizer" built-in) 16gb -$599

Given that Apple is using a pocket sized version of OS X, it is possible that they may offer some of the apps from the rumored PDA as down loads, like they do with games. It is all about the revenue stream for Apple, and you can't fault them for that.
__________________
It is fast approaching the point where I don't want to elect anyone stupid enough to want the job. - Bombeck
Chip NoVaMac is offline   0 Reply With Quote
Old Sep 29, 2007, 11:37 AM   #18
megfilmworks
macrumors 68020
 
megfilmworks's Avatar
 
Join Date: Jul 2007
Location: Sherman Oaks
 
I agree Chip. Also, I think the posters who resent the revenue stream don't understand business. If Apple was to ignore the finances and just become a do gooder for hackers then we would have no Apple and there would not be an iPhone to debate. Remember the original Apple? Lennon wanted a record label that was set up for the artist with no concerns over the financial impact of his "business" decisions. It didn't work for the Beatles and it will not work for any business that is not a charity.
__________________
MacPro Waste Basket 12 Core, Macbook Pro 15" RD
iPhone 5s - iPhone Gen1 - iPod Gen1 - iPad Gen1
ATV - Time Capsule - BlackMagic - RED - Arri - FCPX
DA42 - BE G58
megfilmworks is offline   0 Reply With Quote
Old Sep 29, 2007, 11:42 AM   #19
Chip NoVaMac
macrumors G3
 
Chip NoVaMac's Avatar
 
Join Date: Dec 2003
Location: Northern Virginia
Quote:
Originally Posted by cazlar View Post
In addition, it's surprising, but not everyone lives in the US. Anyone living (or regularly travelling) overseas needs to unlock their phone. While I currently live in the States, I won't forever, and also return home to Australia for holidays etc. There's no way I will pay roaming charges there when all I need to do is go to plug in a local SIM (which I can buy for $2 at the grocery store) into the unlocked phone. That AT&T's position is to NEVER unlock the phone (even at the end of the 2yr contract) made it intolerable to me. When I move back to Australia permanently, what would I do with my expensive paperweight? Again the solution was to unlock it myself.
I know that I would love the option to buy a SIM for an overseas visit. But given the heavy hand that Apple has used with carriers we might never see that.

Quote:
To get back on-topic though, the forking of the iPhone population into two groups is terrible. Even though you can argue that the current security fixes are not huge, future ones may be, but the "hacker" population sticking happily on 1.0.2 won't be able to use these. I hope the dev team can find a way to let us all update safely (now and in the future).

Won't happen IMO, Apple wants to close the iPhone to other apps down for whatever reason.
__________________
It is fast approaching the point where I don't want to elect anyone stupid enough to want the job. - Bombeck
Chip NoVaMac is offline   0 Reply With Quote
Old Sep 29, 2007, 11:46 AM   #20
Virgil-TB2
Banned
 
Join Date: Aug 2007
Quote:
Originally Posted by eddiebrock View Post
... JavaScript, just keep it disabled! ...
I was *kinda* with you until this part. JavaScript is quite necessary for browsing the web. I actually hate JavaScript and have tried to turn it off many times but I always have to re-enable it at some point as it's just not practical to browse without it. Might as well go back to Lynx

If someone has a bluetooth headset on their iPhone it would also be difficult to turn off Bluetooth.

So your "solution" to the security problems amounts to:

- "careful what you click on" (totally do-able)
- "turn off Bluetooth and JavaScript" (impractical at best)

Virgil-TB2 is offline   0 Reply With Quote
Old Sep 29, 2007, 11:52 AM   #21
sananda
macrumors 68020
 
Join Date: May 2007
Quote:
Originally Posted by megfilmworks View Post
Remember the original Apple? Lennon wanted a record label that was set up for the artist with no concerns over the financial impact of his "business" decisions. It didn't work for the Beatles and it will not work for any business that is not a charity.
apple corps was set up at the suggestion of accountants as a vehicle to avoid the then punitive tax system in the UK.
sananda is offline   0 Reply With Quote
Old Sep 29, 2007, 12:01 PM   #22
megfilmworks
macrumors 68020
 
megfilmworks's Avatar
 
Join Date: Jul 2007
Location: Sherman Oaks
 
Quote:
Originally Posted by sananda View Post
apple corps was set up at the suggestion of accountants as a vehicle to avoid the then punitive tax system in the UK.
Yes, but when it opened its doors Lennon took over the direction and the result was disaster. Any book on the Beatles that covers this era will tell you the story. It was like a sitcom over there. And don't get me wrong, I love Lennon, but they could afford to have a tax shelter and lose big money. Apple is a company in business to make money.
__________________
MacPro Waste Basket 12 Core, Macbook Pro 15" RD
iPhone 5s - iPhone Gen1 - iPod Gen1 - iPad Gen1
ATV - Time Capsule - BlackMagic - RED - Arri - FCPX
DA42 - BE G58
megfilmworks is offline   0 Reply With Quote
Old Sep 29, 2007, 12:12 PM   #23
jt2ga65
macrumors regular
 
Join Date: Jul 2007
Quote:
Originally Posted by megfilmworks View Post
Is the hacker community as open as Apple is when it comes to what the software they provide actually does? Like IMEI changes?? I wish they would publish specifics so people can make an educated guess as whether to upload or not. I sure don't want to use unauthorized software that has little or no documentation. At this point i'll trust Apple over the dev team.
Actually, most free software developers are VERY open with their software, including VERY detailed changelog descriptions. Ultimately, YOU, the user, are the one that has the decide to authorize what you install on your computer. To me, the iPhone is just another computing device, this one has a phone attached to it.

Quote:
Originally Posted by megfilmworks View Post
I agree Chip. Also, I think the posters who resent the revenue stream don't understand business.
I don't think that anyone is resenting Apple for trying to make money. That's what corporations do, and that's what they need to do. Without that, not only would we not have a iPhone, but we wouldn't have any money to BUY the iPhone because we wouldn't have jobs with which to make the money. What we DO resent is Apple's stand that they know better about what we want to do with our computers than the consumers. This may be true in many cases, but not for the rest of us left out here that can still think for themselves. For us, the only intelligent thing to do is look at ALL the options to see what works best for us. And for many of us, that is to use free software.

Don't get me wrong. I think Apple has developed a very powerful product. I just think that they have crippled it for no good reason. I have no problem paying for products I like and use, and will continue to do so, however I'd consider myself to be stupid not to look at all the options, and support the best ones, either financially, or however they wish to be supported.

-jt2
jt2ga65 is offline   0 Reply With Quote
Old Sep 29, 2007, 12:23 PM   #24
aristobrat
macrumors Demi-God
 
Join Date: Oct 2005
Location: Virginia Beach
Quote:
Originally Posted by Macrumors View Post


Aside from the new features found in iPhone 1.1.1, CNet details the important security fixes that accompanied the 1.1.1 upgrade.
How did CNet figure out the actual details of the security updates? Does Apple release those anywhere, or does CNet likely have an inside source?
aristobrat is online now   0 Reply With Quote
Old Sep 29, 2007, 12:29 PM   #25
sananda
macrumors 68020
 
Join Date: May 2007
Quote:
Originally Posted by megfilmworks View Post
Yes, but when it opened its doors Lennon took over the direction and the result was disaster. Any book on the Beatles that covers this era will tell you the story. It was like a sitcom over there. And don't get me wrong, I love Lennon, but they could afford to have a tax shelter and lose big money. Apple is a company in business to make money.

yeah, i know. i remember magic alex and his lunatic schemes!!
sananda is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > iOS Blog Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Best blog to see osx security updates & other third party updates GokulKrish OS X 2 May 19, 2014 05:16 AM
Security updates for SL gangof4 OS X 9 Mar 3, 2014 02:01 PM
new security updates for lion and snow leopard tywebb13 Mac OS X 10.7 Lion 0 Jan 21, 2013 05:54 PM
Safari 5 and Snow Leopard Security Updates thundersteele OS X 3 Oct 1, 2012 02:18 AM
Software Updates/Security Peter Franks Mac Basics and Help 25 Jun 14, 2012 06:08 PM

Forum Jump

All times are GMT -5. The time now is 09:22 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps