I am not talking about bricking, more about Apple reseting the phone with their update so all your third party apps are gone.
A lot of whining about that, don't you think.
I am not condemning it, just saying know your potential consequences.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1.1.1 Jailbreak Complete, Security Ramifications
- Thread starter MacRumors
- Start date
- Sort by reaction score
I am not talking about bricking, more about Apple reseting the phone with their update so all your third party apps are gone.
A lot of whining about that, don't you think.
I am not condemning it, just saying know your potential consequences.
+1
It would be nice if Apple doled out some sort of info about future features they would like to add. They have explicitly compared the iPhone to other smartphones, but only the iPhone is totally dependent on Apple for new features. I'm not complaining about that (it's Apple's decision), just saying it would probably benefit everyone if they doled out any info about future expansion. Instead, they're trying to treat it like iPod updates.
Again, they can do whatever they want. But given their positioning of the iPhone, I think it would behoove THEM (i.e. increase sales) to be more forthcoming about future plans for the iPhone with its capability for 'desktop class' applications.
It would be nice if Apple doled out some sort of info about future features they would like to add. They have explicitly compared the iPhone to other smartphones, but only the iPhone is totally dependent on Apple for new features. I'm not complaining about that (it's Apple's decision), just saying it would probably benefit everyone if they doled out any info about future expansion. Instead, they're trying to treat it like iPod updates.
Again, they can do whatever they want. But given their positioning of the iPhone, I think it would behoove THEM (i.e. increase sales) to be more forthcoming about future plans for the iPhone with its capability for 'desktop class' applications.
Yeah, I totally agree. Besides, jailbreaking is one step to unlocking, which Apple is likely contractually obligated to prevent. That's why it's relatively irrelevant how 1.1.1 is jailbroken, since Apple will likely patch it no matter what. All the attention on the TIFF exploit really mean a sooner patch than later for the hole, which is good for non-hacker users.
There's obviously a lot of melodrama on both sides, the actual truth and substance of the matter isn't all that difficult.
Woot! Sort of. Well, I def. consider this good news
edit: does anybody know what this means for iPhone AT&Tless activation? I've been waiting to buy an iPhone until the thing can be activated without AT&T service....
It is called and Ipod Touch!
Very true. We can debate how to do this until the end of time, but that'll just get boring. Maybe everyone on MacRumors can write letters. I don't know.
I'm glad to see that people are actually reading my posts and thinking about them. It makes me feel special.
Here's To The Obedient Ones...
Jay-sus Chrizz-ist on a bike!
All the sniveling nay-saying anti-hackers: Do you even KNOW how Jobs / Woz got their start? If it wasn't for them wanting to 'tinker' and "violate their EULA" or whatever, you probably wouldn't even HAVE an iPhone.
The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.
Now all of the sudden, people merely trying to use their iPhones in a more creative way are suddenly the devil.
All you control freaks that think this is about entitlement and not freedom would do well to remember what various amounts of 'tantrum' throwing has accomplished in the US throughout history. Every time, there was somebody like you calling them crybabies, etc. You're in good company.
This is not to compare hacking an iPhone to the civil rights movement or women's sufferage - but it IS to remind you to show some appreciation for those who like to explore.
Read the following carefully:
"Here's to the crazy ones.
The misfits.
The rebels.
The troublemakers.
The round pegs in the square holes.
The ones who see things differently.
They're not fond of rules.
And they have no respect for the status quo.
You can praise them, disagree with them, quote them,
disbelieve them, glorify or vilify them.
About the only thing you can't do is ignore them.
Because they change things.
They invent. They imagine. They heal.
They explore. They create. They inspire.
They push the human race forward.
Maybe they have to be crazy.
How else can you stare at an empty canvas and see a work of art?
Or sit in silence and hear a song that's never been written?
Or gaze at a red planet and see a laboratory on wheels?
We make tools for these kinds of people.
While some see them as the crazy ones,
we see genius.
Because the people who are crazy enough to think
they can change the world, are the ones who do."
Jay-sus Chrizz-ist on a bike!
All the sniveling nay-saying anti-hackers: Do you even KNOW how Jobs / Woz got their start? If it wasn't for them wanting to 'tinker' and "violate their EULA" or whatever, you probably wouldn't even HAVE an iPhone.
The ultimate irony - Jobs in bed and capitulating to AT&T, the company that, 30 years ago he was "commiting crimes" against.
Now all of the sudden, people merely trying to use their iPhones in a more creative way are suddenly the devil.
All you control freaks that think this is about entitlement and not freedom would do well to remember what various amounts of 'tantrum' throwing has accomplished in the US throughout history. Every time, there was somebody like you calling them crybabies, etc. You're in good company.
This is not to compare hacking an iPhone to the civil rights movement or women's sufferage - but it IS to remind you to show some appreciation for those who like to explore.
Read the following carefully:
"Here's to the crazy ones.
The misfits.
The rebels.
The troublemakers.
The round pegs in the square holes.
The ones who see things differently.
They're not fond of rules.
And they have no respect for the status quo.
You can praise them, disagree with them, quote them,
disbelieve them, glorify or vilify them.
About the only thing you can't do is ignore them.
Because they change things.
They invent. They imagine. They heal.
They explore. They create. They inspire.
They push the human race forward.
Maybe they have to be crazy.
How else can you stare at an empty canvas and see a work of art?
Or sit in silence and hear a song that's never been written?
Or gaze at a red planet and see a laboratory on wheels?
We make tools for these kinds of people.
While some see them as the crazy ones,
we see genius.
Because the people who are crazy enough to think
they can change the world, are the ones who do."
i think it is sandboxed, but a buffer overflow is different- it's like finding out there is a hole in the sandbox...
Is this actually your experience? Because it seems COMPLETELY off the mark. I've owned plenty of Palm but no Treo's.
It is true that 3rd party apps can make a device unreliable. But to say all Palm apps do? Nonsense.
The difference is that one is legal and one is not. Hacking the iPhone is consistent with your full use and enjoyment of the product, so long as you remain lawfully accessing the provider's network and so long as you do not infringe on anyone's property rights in doing so. You are not making illegal copies or violating an explicit agreement. Putting OS X on a PC is a clear violation of license terms to the software, just as putting the iPhone OS on a Nokia would be.
Well I can't speak for whoever you're responding to, but when it involves a security exploit allowing arbitrary code execution, like this hack and the ones before it, my concern is that Apple patch it, and patch it promptly.
If the hackers want to find another vulnerability and buy a few more weeks, that's fine. But to expect Apple to leave this hole open (or to have expected them to leave the last one) is ludicrous. Perhaps the hackers should devote more resources into finding a better way to achieve their goals--one that doesn't pose a security problem and doesn't rely on firmware modification.
Actually, we call it a contract for sale and performance of K, and when the box contains terms, that's part of the sale, just as when the transaction includes associative licenses to other property. Course of trade requires those terms be upheld, and performance is assent of perfection, all terms inclusive. Buying the product is tantamount to signature at common law in all 50 states.
Neither of these sentences are true. Look it up. The terms are attached prior to sale (see UCC 2-204 et seq.) and no court has ever ruled EULAs unenforceable. Some courts have ruled specific provisions invalid and thus refused to uphold those specific requirements. There's a world of difference between what you're saying and reality.
It isn't...and I am not (nor will I be nor should Apple be) concerned when people end up with a $600 '911' callbox. The 'developers' were free to choose what they did to their phones...just as Apple is free to break it.
Well...perhaps you don't sign a contract in the store...but at some point...somewhere in the twisted wilds of reality that some folks walk in...you will come across this unavoidable fact that is plainly visibly on Apple's iPhone webpage...
To use iPhone, you’ll need to sign up for a 2-year service agreement and nowhere does it say you have the ability to install and use 3rd party apps yet.
Scream about how it can't be enforced all you want. Curse the darkness.
go...pound...sand.
and...
Congratulations on having the first 'fanboy' accusation! WOO!!
No one expects the FanBoy inquisition!!
Yawn. Seriously. This is funny stuff.
30 years ago, the technology industry was just getting started. And yes, there was a lot of hacking. And were it not for the hacking, you're right, we probably wouldn't be here. Or we'd be somewhere else entirely. Who knows.
As for using the iPhone in a more "creative" way, I think you miss the point. I don't think anyone - including Apple - really cares if you hack your phone. What they care about is the hacker's expectation that future updates will work seamlessly with whatever hack has been installed. If you hack it, accept the consequences. That's what Woz and Jobs did back in the day. They didn't go around whining or suing when something didn't go their way.
I think it's quite funny how people try to liken hacking the iPhone to "freedom", etc. Give me a break. How many devices out there don't allow you to install whatever software you want? How many cell phones are locked (let's see...EVERY ONE sold by a US cell company)? Apple has every right to define the limits of approved use of a product it sells. You're welcome to push beyond those limits, but you can't expect ANYTHING from Apple if you do. Why is that so hard for people to understand?
30 years ago, the technology industry was just getting started. And yes, there was a lot of hacking. And were it not for the hacking, you're right, we probably wouldn't be here. Or we'd be somewhere else entirely. Who knows.
As for using the iPhone in a more "creative" way, I think you miss the point. I don't think anyone - including Apple - really cares if you hack your phone. What they care about is the hacker's expectation that future updates will work seamlessly with whatever hack has been installed. If you hack it, accept the consequences. That's what Woz and Jobs did back in the day. They didn't go around whining or suing when something didn't go their way.
I think it's quite funny how people try to liken hacking the iPhone to "freedom", etc. Give me a break. How many devices out there don't allow you to install whatever software you want? How many cell phones are locked (let's see...EVERY ONE sold by a US cell company)? Apple has every right to define the limits of approved use of a product it sells. You're welcome to push beyond those limits, but you can't expect ANYTHING from Apple if you do. Why is that so hard for people to understand?
I had a Palm 650. Basically, everytime I installed something (purchased or free), the phone became less reliable. Yeah, 100% is an exaggeration, but essentially, the Treo is a basket case for me. Interestingly, I had a much different experience with my old palm's and handsprings: they were endlessly reliable which is why I bought the Palm 650 in the first place.
With the Palm, I especially liked the 4 page software update procedure...backup, push and hold these buttons, run this utility, run another one, blah blah blah, and then it failed so I could start again. Sadly, Palm deserves their current business status: apparently just waiting to file for bankruptcy. They kind of started this part of the business. Sigh.
Eddie O
Why do you keep bringing this up, when the original topic of this thread is jailbreaking (enabling 3rd-party apps), and NOT SIM-unlocking?
The Treo itself is unreliable by many counts, but I get what you're saying.
A further complication is that Palm has updated their creaky OS so many times that many 3rd-party apps don't work so well. I will add that the ones that don't work so well are typically those that go outside of the Palm SDK (so Palm can't ensure compatibility with.) Then those developers will complain that they had to do these things because of fault's with the OS...
At the end of the day, 3rd party apps is a strategic decision for Apple, not some sort of high and mighty moral issue. I do think having a controlled 3rd-party platform may be the best of both worlds, in terms of how Apple is positioning the iPhone (capabilities AND elegant user experience.)
I think it would behoove Apple to at least announce that such a platform is coming (if it indeed is in development), that alone would ease a lot of the hooplah over hacking to add 3rd-party apps.
Very true. We can debate how to do this until the end of time, but that'll just get boring. Maybe everyone on MacRumors can write letters. I don't know.
I'm glad to see that people are actually reading my posts and thinking about them. It makes me feel special.
I wrote mine congratulating them on the bricking of some of the iPhones.
First of all if you're gonna go for it, go for the gold and just use Christ next time
Second, I don't think you guys are the devil, you wanna hack your phones? you wanna find cool things you can do beyond Apple's 'approved' uses, by all means go for it. As someone stated earlier here I am glad they found the TIFF exploit...now it can be closed.
I can't speak for the other, how did you so eloquently put it, sniveling anti-hackers, but I am not telling you not to hack. Hack away brother...just don't cry or expect Apple to give you new phone when you crack yours. Don't be angry with Apple if they don't (or can't due to business agreements) allow 3rd party apps yet. 'Being in bed' with AT&T made the phone a reality...you can dislike it but odds are there'd be nothing to hack had he not done so or it would have been a while before we saw it.
Jailbreaking lets you install Installer.app -> Install a SIM unlocker
Yes, but a lot of people have jailbroken their phones just to add apps, not to unlock. And none of these phones were bricked by the update.
Yep, I edited my earlier post to add a comment about that Madmax...I guess it just all ties together in my mind as the effort to open up the iPhone is not soley about 3rd party apps but also who you can use it with, but I'll try to stick more to the apps discussion only.
I never heard that, but I do know that if you run a standard Applet, in any browser it does run in a sandbox (most java versions). However if you are running a signed Applet or a Java application it runs outside the sandbox. However this only applies to Java which the iPhone does not currently supports.
For clarity some new versions of JVM use a security policy and not the original sandbox concept, for simplicity I called them both a sandbox.
Love to get a hold of the code being run in the iPhone to do a security code review, but Apple never sent me a copy.
Best of Both Worlds-
It's possible that a 1.1.2 update will only patch the relevant parts of the OS (TIFF exploit), and not overwrite the entire OS from scratch. If so, it might not un-jailbreak our devices (similar to the first 2 iPhone updates.)
If this is the case, it might be possible to have the best of both worlds- use the TIFF exploit to jailbreak, then update to patch the hole.
It's possible that a 1.1.2 update will only patch the relevant parts of the OS (TIFF exploit), and not overwrite the entire OS from scratch. If so, it might not un-jailbreak our devices (similar to the first 2 iPhone updates.)
If this is the case, it might be possible to have the best of both worlds- use the TIFF exploit to jailbreak, then update to patch the hole.
You're probably right, I'm not a programmer.
I wasn't thinking that the payload code delivered is still running in the sandbox.