ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Talkback

Post a comment


Story: Exploit turns iPhone into a spy tool

  • Previous comment

Posted by: mdfischer (Friday 23 November 2007, 1:51 AM)

  • Reply

Not Rubbish - A new game

True that the exploit is patched as part of the 1.1.2 firmware update. However, the exploit in question is the same exploit that currently makes the most popular and simplest 'jailbreak' possible. Many people are avoiding updating so they can continue to run their third party applications or operate on other networks. All these people have been and continue to be at risk.

The decision to run everything as root I am assuming was a temporary expedient and will change at some time in the future, probably about the time the SDK is released - at least as a iPhone owner I hope so! This is a terrible idea on a unix system, and gives away the major advantage security-wise that using unix/os-x has over symbian or microsoft-mobile or others (except linux, but most of these repeat the error). And any real claim to superiority.

Given this decision, Apple had little choice but to 'close' the phone to development until they introduced a proper privilege framework. You can bet that non-contracted third-party developers will not be given root privileges.

Every note relating to Apple flaws is not an attack on Apple. It is true that a lot of the comment is driven by people that have been waiting for Apple to fail for 22 years (30 in some cases), and since Apple not only refuses to do so, but often lead the parade, this is a frustrating situation for these folks, many of whom have substantial egg facials (e.g. Michael Dell). But Apple responds to good critical observations and these find their way into products. Somebody has to produce this criticism.

View complete profile

Private message disabled

View all posts

mdfischer

mdfischer
R&D, Canterbury, UK
Member since: November 2007

Site Activity Rating:

1

 


  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

More In Security threats


Sentry Posts Blog

Nasa and the virus

Yesterday the BBC ran a story about a computer virus making it into orbit, which I read with incredulity. OK, it's a nice silly season story on the surface, but what really got me was... More

3 comments

Customer data found on eBay server hig...

The recent news about customer details being retrieved from a server sold on eBay is yet another story about the sorry state of information security in the electronic age (see: http://news.zdnet.co.uk/...m).... More

Post a comment

Does it matter if you are an aardvark...

In spam terms, apparently it does. According to Cambridge University security expert Richard Clayton, if your email address is aardvark at animal.net, you are more likely to receive... More

1 comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers