Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
New Malicious Worm Affects Jailbroken iPhones in Netherlands
- Thread starter John89
- Start date
- Sort by reaction score
You are accusing Apple of highly illegal activity aimed at their own customers without a single shred of evidence or even a plausible rationale. Let's break this down. For one thing, we know that the code necessary to write this worm was open-sourced about two weeks ago, plus it's pretty trivial to break into a phone running SSH with a default password. So literally any hacker in the world could have written this thing. The worm is stealing personal financial data, which would be useful to a criminal hacker, but not to Apple. Further, if Apple did this, they would be exposing themselves to a wave of lawsuits and PR that would cripple their entire brand. We are talking about literally billions of dollars down the drain. Yet somehow it makes sense to you that Apple would take this risk just to say "I told you so" (or something, you still haven't laid out what Apple's motivation would be).
You need to turn off the TV and try thinking about things a little bit before spewing out serious criminal accusations with zero credibility.
100% false. The security of the iPhone has absolutely nothing to do with this worm. The iPhone is a full-blown computer running a Unix OS. If you decide to run an SSH daemon with the default password on it, it's completely vulnerable to anyone who comes knocking. The only thing a manufacturer can do to prevent that is to make it difficult to install SSH with a default password.
Apple has already done that by providing an extremely secure configuration out of the box. You have to make a conscious decision to forfeit that built-in security and to take security matters into your own hands. If you're familiar with Unix, SSH and infosec in general, you're probably qualified to deal with that situation. Otherwise, you're really not qualified to jailbreak and would be better off buying a different phone if the iPhone is lacking features that you deem essential. So, no, this can in no way, shape or form be blamed on an intrinsic lack of security in the iPhone.
No, usually it's Microsoft that's convicted of...Yes, that's strange. Usually it's Microsoft that is accused of ....
Is this a reply to my post? If so, can you explain what this means/does?
I think he means that you open Terminal, type nothing but
Code:
[B]which sshd[/B]and hit return key. It will tell you if and where SSH is installed. Should work with Snow Leopard/Terminal.app and iPhone/Mobile Terminal (the latter after jailbreaking and installing Mobile Terminal).
No, usually it's Microsoft that's convicted of...
Actually, the difference is that Apple could do what Microsoft was convicted of, and it would be perfectly legal. In fact, many of the things that Apple does would land Microsoft in hot water.
On the other hand, the phone app accusations would be illegal in many/most jurisdictions regardless of who perpetrated the act....
(Deleted interesting words.)
Thank you, NSMonkey! Very clear and understandable even for not-native English speakers. What is the difference between my Mac OS X 10.6.2 with SSH, Terminal installed and an iPhone—jailbroken or not in terms of security? Thx in advance for clarification.
Should I change SSH password on my MacBook Pro?
If Apple wasn't so strict about what can and cannot run on your iPhone, people wouldn't need to jailbreak. Personally, I would never jailbreak my iPhone because I'm too afraid I might brick it. The only alternative was to not get an iPhone until it becomes a bit more fully-featured. Can't live without tethering, for example. My HTC does this perfectly.
Wrong and myopic. When has Apple prevented OEMs from offering competing products? When has Apple abused their monopoly position in PC operating systems to kill off competing internet browsers in an attempt to control the format of internet content? Apple cannot do these things because they do not have a monopoly position in the PC market. Microsoft does and so, according to multiple courts of law, is subject to laws that attempt to limit the power of monopolies.
At the same time, it's true that any company can be convicted of anti-competitive behavior. They don't need to be of a certain size or control a certain percentage of a market. Apple could engage in anti-competitive behavior if they, for instance, offered retailers a financial incentive to NOT carry portable music players from other companies. And yet, Apple has never yet (to anyone's knowledge) engaged in these illegal practices. Microsoft has, multiple times.
Of course, you already know and understand this and yet prefer to propagate the tired old myth that poor Microsoft is unfairly held to a higher legal standard than Apple, even when there is zero evidence to back that up. Maybe you should think about why you choose to believe in such a silly idea.
That's the exact point of my argument - since Apple doesn't have a monopoly position, it doesn't matter.
______________
One example. What if Microsoft and Intel got together, and Microsoft changed the boot-time CPUID check in the Windows kernel so that it wouldn't boot on any CPU but an Intel one?
Holy anti-trust hurricane, Batman!
On the other hand, what if Apple changed the boot-time CPUID check in the OSX kernel so that it wouldn't boot on a class of processors?
Wait, Apple did that in 10.6.2 !!
So you agree that having a monopoly position makes a company subject to a different set of legal circumstances. I guess you're still arguing because you don't understand the definition of anti-competitive behavior, which Apple could be convicted of if they engaged in it.
Yes, if Microsoft and Intel colluded to put AMD out of business and therefore artificially drive up the price of CPU's, that would probably be deemed illegal, anti-competitive behavior. Of course, Intel can do this on their own by offering incentives to OEM's to not use AMD CPU's. In fact, Intel has been convicted of this very practice.
Apple, unlike Microsoft, manufactures and sells PC hardware as well as software. As a hardware manufacturer, they are legally entitled to use and/or support whatever components they like, just like Dell can choose which CPU's and video cards they offer in their computers. As a software developer, Apple is also free to limit the hardware on which that software will run. This is no different than bundled software/hardware offerings from many other companies, including Microsoft.
While MS doesn't make PC's, they do make a gaming console. Afaik, the Xbox OS runs only on specific, MS-approved hardware and that hardware is built using specific, MS-chosen brands of CPUs and other components. And yet, they have neither been accused nor convicted of anti-competitive behavior for locking consumers into this very specific hardware/software combination.
Another big flaw in your example is that Microsoft's PC business strategy is completely software-centric. They don't compete in PC hardware and therefore they want to see hardware commoditized as much as possible. It's unthinkable that they would work directly against their core strategy by colluding with Intel against another CPU manufacturer, therefore reducing hardware competition and driving up prices.
Is any of this getting through or do I need to shoot down a few more of your examples?
I think Apple and their network partners will benefit from this "downside" to jail-braking. Even more so, any completely open system, will be hurt, like Palm WebOS, Android, etc. Apple couldn't have planned it better themselves. I know what you're thinking, but "No, Apple did NOT write the banking system trojan".
--
FW
"Can your phone and your network do that!"
--
FW
"Can your phone and your network do that!"
That was the foundation of my argument - since we both agree, why are you still arguing?
I just updated the often linked "Step-by-step guides summary on how to change SSH default passwords after jailbreak" earlier in this thread:
https://forums.macrumors.com/posts/8860843/
Maybe some1 could have a look at it for content or spelling errors, thx in advance.
https://forums.macrumors.com/posts/8860843/
Maybe some1 could have a look at it for content or spelling errors, thx in advance.
Apple's quote is a mess.
"The worm affects only a very specific set of iPhone users who have jail broken their iPhones and hacked it with unauthorized software," Apple spokesperson, Natalie Harrison, told The Loop. "As we've said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably."
I like how it implies the vast majority of customers do not jailbreak their phones because "it violates the warranty"... I'm pretty sure the majority don't know what it is, and many more might want it if they knew about it.
And, they "will" cause the iPhone to become unstable, like it's a sure thing... Sure, i could *choose* to install something that makes it unstable...
Also interesting that none of the Apple responses to jailbreaking (in this story/thread) make the claim that lots of people on these forums do, that it's "illegal". Does anyone have a link to something from Apple saying that users are breaking (at least US) law by jailbreaking?
"The worm affects only a very specific set of iPhone users who have jail broken their iPhones and hacked it with unauthorized software," Apple spokesperson, Natalie Harrison, told The Loop. "As we've said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably."
I like how it implies the vast majority of customers do not jailbreak their phones because "it violates the warranty"... I'm pretty sure the majority don't know what it is, and many more might want it if they knew about it.
And, they "will" cause the iPhone to become unstable, like it's a sure thing...
Sure, i could *choose* to install something that makes it unstable...Also interesting that none of the Apple responses to jailbreaking (in this story/thread) make the claim that lots of people on these forums do, that it's "illegal". Does anyone have a link to something from Apple saying that users are breaking (at least US) law by jailbreaking?
Interesting indeed. It's the first time as far as I can remember that warranty violation after jailbreak is "official". Thanks for pointing that out, blackcrayon!
All I could find in my archives is a "Responsive Comment of Apple Inc." before the U.S. Copyright Office. That was in the middle of february 2009 and the first reference of "jailbreak" in an official Apple document:
http://www.copyright.gov/1201/2008/responses/apple-inc-31.pdf
The response came months after "Comments of the Electronic Frontier Foundation" (december 2008):
http://www.eff.org/files/filenode/dmca_2009/EFF2009replycomment_0.pdf
I agree completely. Some of the nonsense posted here is beyond belief. Get real people! This is not Roswell, NM.
You know, I've seen you employ this tactic before. You're clearly losing an argument and you can't respond to the points brought up so you try to end the conversation. Sorry, but I won't fall for it. I'm arguing with the following statements:
In fact, Apple could not do what Microsoft was convicted of without also being guilty of a crime. Microsoft was convicted of anti-competitive behavior. Anyone can engage in anti-competitive behavior even if they don't dominate a market (although admittedly, it helps). Apple, unlike Microsoft, has chosen to focus on competing rather than stifling competition.
Take the issue of Microsoft bundling IE to kill off Netscape and the subsequent conviction in 'United States v. Microsoft'. MS was not convicted of simply bundling a browser with their OS (in the same manner that Apple bundles software with OS X). They were convicted of acting in a monopolistic manner by taking deliberate steps to cripple the installation and operation of Netscape on Windows and to make it artificially difficult to uninstall IE. While their dominant market position did play a part in the ruling, they were found to have committed deliberate acts of monopolization, which is quite a bit different than just happening to have a really successful product and a dominant market share. As is the case in most legal issues, intent matters. Microsoft's intention was not just to compete with but to shut down the competition by any (illegal) means necessary. Apple, on the other hand, does not cripple competitor's software and does not prevent you from uninstalling bundled Apple applications. If they did those things, like Microsoft has, they would open themselves up to the same legal troubles.
As an example of Apple choosing not to engage in anti-competitive behavior when given the chance, look at the iPod. The iPod happens to be a very successful product that dominates its market. But Apple has not committed acts of monopolization to sustain that market share. They have not pressured distributors to stop carrying competitor's products, they aren't preventing competitors from accessing a user's music, pictures or video to sync to their own device (Apple won't allow other companies to profit by using iTunes built-in sync features, but anyone is free to write a sync implementation that directly accesses iTunes content) and they aren't preventing anyone from writing software to compete with iTunes. Notably, they also haven't attempted to tie your content to their own, proprietary formats as Microsoft has tried to do time and again.
I don't mean to dismiss the point on which we agree: yes, there are some areas where Microsoft is held to a different legal standard than Apple due in part to Microsoft's > 90% share of the PC market. But Microsoft's legal circumstances are also due in part to the fact that they've been convicted of abusing that position, multiple times. So, in much the same way that a convicted child molester is subjected to certain restrictions and suspicions to which the rest of us are not, many governments and corporations (parties likely to file suit) are understandably more wary of Microsoft than they might be of companies with less criminally tainted histories.
One further point is that Microsoft already does "many of the things Apple does". Things that, by your logic, should be illegal for Microsoft to do. One of the best examples is the XBox, which I'll bring up again since you ignored it the first time. The XBox is an entirely "closed" system in that the OS runs only on a restricted set of approved hardware. This is exactly the situation on the Mac and yet people like yourself love to point and say "Microsoft could never get away with that!". But they do, and it's fine because it's not anti-competitive. Let me repeat: making and selling a hardware-restricted computing platform is not in any way illegal for either Microsoft or Apple.
This has been fun so far. Do you have any other examples besides the "If Microsoft colluded with Intel it would somehow equal Apple not supporting the Atom" thing? Because that one was really, really weak.
Jailbreaking violates Apple's iPhone EULA. A court alreay upheld OS X's EULA, after upholding a long string of EULAs. So draw your own conclusions.
http://www.apple.com/legal/sla/docs/iphone.pdf
Section 2(c) of the Apple iPhone Software License Agreement provides that:
You may not and agree not to, or enable others to, copy (except as expressly permitted by this License), decompile, reverse engineer, disassemble, attempt to derive the source code of, decrypt, modify, or create derivative works of the iPhone Software or any services provided by the iPhone Software, or any part thereof (except as and only to the extent any foregoing restriction is prohibited by applicable law or to the extent as may be permitted by licensing terms governing use of open-source components included with the iPhone Software). Any attempt to do so is a violation of the rights of Apple and its licensors of the iPhone Software.
Further, the DMCA entitles Apple to block interoperability with anything that has not been approved by Apple.
http://support.apple.com/kb/HT3743
Apple strongly cautions against installing any software that hacks the iPhone OS. It is also important to note that unauthorized modification of the iPhone OS is a violation of the iPhone end-user license agreement and because of this, Apple may deny service for an iPhone or iPod touch that has installed any unauthorized software.
The only iPhones that are vulnerable to the Duh Worm are "jail broken" phones, where users disable key Apple security features to get around the terms of usage agreement that they are designed to enforce.
The virus has been detected in the Netherlands and can only attack iPhones whose users have disabled some pre-installed security features, according to analysts monitoring the progress of the virus.
The virus has been detected in the Netherlands and can only attack iPhones whose users have disabled some pre-installed security features, according to analysts monitoring the progress of the virus.
"These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably.""
Great. So when is Apple going to fix my iPhone? Note that my iPhone isn't jailbroken, and yet my screen blanks (turns black) for no apparent reason. No way to get pass it. And thus the Apple iPhone already has some technical issues and limitations, and this without jail breaking.
Note: There are 18 people in my area with the same problem and all Apple really does is to replace the iPhone. Same problem alter six months. So much for Chinese quality.
Great. So when is Apple going to fix my iPhone? Note that my iPhone isn't jailbroken, and yet my screen blanks (turns black) for no apparent reason. No way to get pass it. And thus the Apple iPhone already has some technical issues and limitations, and this without jail breaking.
Note: There are 18 people in my area with the same problem and all Apple really does is to replace the iPhone. Same problem alter six months. So much for Chinese quality.
So when was the last time you smoked pot? I mean we're talking about The Netherlands. Liberal thinking. Tons of freedom. No way Apple is lucky there.