Unreleased iPhone 2.0 May Already Be Hacked
The as-yet unreleased second iteration of iPhone hardware may already be compromised, report Engadget and News.com. Members of the 'iPhone Dev Team' have (supposedly) made use of the recently released SDK to gin up a Beta 2.0 software hack. "Unlike previous hacks, this one isn't specific to the latest firmware version, it exploits the way that Apple designed the iPhone's main bootloader. According to the iPhone Dev Team, the iPhone verifies whether or not firmware code has been signed with an RSA certificate before allowing it to be written to memory. The team has apparently figured out a way to disable that check and allow unsigned code to be written to memory."
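A defender's-eye illustration of the check the summary describes, added here and not code from the iPhone Dev Team, Apple or the linked articles: a bootloader-style verifier that hands back a firmware image only after its RSA signature checks out against a pinned public key, and rejects tampered, unsigned and truncated blobs. The toy-size modulus built from two Mersenne primes, the FWIM header layout and the hash-mod-N "padding" are constructed for illustration; a real scheme uses 2048-bit keys and a proper padded signature.

```python
import hashlib
import hmac
from typing import Optional

# Constructed toy RSA parameters: two known Mersenne primes give a 92-bit modulus.
# Real firmware signing uses 2048-bit+ keys and a padded scheme such as RSA-PSS.
P = (1 << 61) - 1
Q = (1 << 31) - 1
N = P * Q
E = 65537                            # public exponent, burned into the boot ROM
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, exists only at the vendor
SIG_LEN = 12                         # 96 bits, enough to hold any value below N

MAGIC = b"FWIM"                      # constructed header magic for this example


def digest_int(image: bytes) -> int:
    """SHA-256 of the image, reduced to fit the toy modulus (a real scheme pads)."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign_image(image: bytes, d: int = D) -> bytes:
    """Vendor side: emit MAGIC | length | image | signature."""
    sig = pow(digest_int(image), d, N)
    return MAGIC + len(image).to_bytes(4, "big") + image + sig.to_bytes(SIG_LEN, "big")


def verify_and_load(blob: bytes, e: int = E, n: int = N) -> Optional[bytes]:
    """Bootloader side: return the image only when its signature verifies.

    The image is reachable solely through this return value, so there is no
    code path that copies unverified bytes into memory: anything not positively
    verified (bad magic, bad length, out-of-range or wrong signature) yields None.
    """
    if len(blob) < len(MAGIC) + 4 + SIG_LEN or blob[:4] != MAGIC:
        return None
    size = int.from_bytes(blob[4:8], "big")
    if len(blob) != 8 + size + SIG_LEN:
        return None
    image = blob[8:8 + size]
    sig = int.from_bytes(blob[8 + size:], "big")
    if sig >= n:                      # malformed signature, never a valid RSA output
        return None
    expected = digest_int(image).to_bytes(SIG_LEN, "big")
    recovered = pow(sig, e, n).to_bytes(SIG_LEN, "big")
    if not hmac.compare_digest(expected, recovered):   # constant-time comparison
        return None
    return image


if __name__ == "__main__":
    fw = b"\x7fBOOT constructed firmware payload"
    print("genuine:", verify_and_load(sign_image(fw)) == fw)
    forged = MAGIC + len(fw).to_bytes(4, "big") + fw + bytes(SIG_LEN)
    print("unsigned:", verify_and_load(forged))
```

The defender's takeaway from the summary is that the gate above is only as strong as its placement: a verifier the boot path can skip protects nothing, however sound the RSA maths behind it.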
Nice (Score:2, Insightful)
What really makes this one a good example is that for once this lock used some kind of real crypto (RSA), not some security-through-obscurity stuff. And yet, of course, that is defeated by not even letting the check occur.
Because crypto scenarios where Bob tries to hide something from Bob, after giving Bob the key, are just a bit too stupid to work.
Re:Pertinent word... (Score:5, Insightful)
If he were rational (which is not to say that irrational precludes being brilliant), I don't think he'd really care that much about iPhone hacking, unless people started to look at it as something safe and normal and that Apple should support those hacks.
When somebody solders a modchip onto a game console motherboard, he knows very well that he's on his own. But when a hacked up iPhone starts to feel normal to users, then Apple loses the ability to control the release cycle. They don't want their new products to compete with hacks for their existing ones, because they've discovered the secret of the software subscription model Microsoft toyed with a few years ago: you don't call it a subscription, you call it spiffy new hardware.
Of course, he might well be totally ape-shit over iPhone hacking, I don't know. I don't think like him, which is why I'm not rich.
Re:Pertinent word... (Score:5, Insightful)
Just as any sane firewall is set up. (It would be nuts to set up a firewall to default allow all ports, and then start selectively blocking them only once an exploit that uses it becomes apparent, but then you have today's software security model doing just that.) Forcing devs to buy a cert means they have somewhat of a point of authentication and also a hook to revoke all of a dev's apps if they fail to toe the line by releasing a virus, trojan, phish, etc. Or "something that reduces Apple's revenue".
I believe Leopard has the (currently unused) capability to do this built in as well. Looks like the iPhone is going to be a bit of a testbed for the concept. This kind of thing is only possible really with a "brand new" OS where you can start from day 1 with no backward compatibility problems. It's also the reason you're not allowed to run interpreters like Java or JavaScript... else Sun would get a valid cert to load the Java interpreter, which in turn could run anything on the planet, bypassing the "run only whitelisted code" concept.
I can't say I agree with such "mandatory*" restrictions on a computing device I purchased, but as a matter of security philosophy it really is quite interesting.
*Well, mandatory if you want to run snazzy new SDK apps. They really should set up an "unsupported, you may be SORRY!!" class of signature that would let you run, at your own risk, anything from that signature.
Re:Pertinent word... (Score:5, Insightful)
This is precisely the concern. Have you ever worked in support? I worked technical support for several years. The worst part of the whole ordeal was dealing with all of the unpredictability on the other end. This is the only reason we had no official Linux support. It was the reason we only needed 3 people to handle all Macintosh calls. The more predictable the workspace on the other end of the line, the better a technician can deal with a situation.
This also applies to software development. This is what makes game consoles attractive, you have a reliable set of expectations to target. You know, when you have a device as sophisticated in software as the iPhone (it's got an entire OS, not just some execution firmware like non-smartphones) it is infinitely helpful to be able to predict what will or will not be going on there.
So, while I'm sure Apple has no realistic expectation to avoid firmware hacking, I do believe they try to keep the expected cases in place as best as they can without getting ridiculous so the quality of software can remain high. So they can provide what they claim to provide in the device.
While a more savvy person may realize their phone is running out of battery twice as fast because of some software they put on there themselves, the average consumer is not going to understand any of this reasoning. Apple doesn't want to deal with phone calls and complaints that root from things the user did to themselves unwittingly. The easiest way to avoid that is making it hard for users to do it to themselves. Make it an effort to get hacked firmware and unapproved software and you achieve this goal. You don't have to prevent it 100%, and therefore, there is no logical argument that Apple is being hypocritical about their DRM stance. This isn't DRM, this is the virtual version of that welded bolt on the back of a service-only machine.
Any geek willing to break the seal is willing to forego support when they inevitably break the machine.
Re:Nice (Score:2, Insightful)
Which, by the way, is coherent with their whole DRM/iTune/exclusive_deals strategy of leveraging their control over their customer to limit competition.
In France, the best ISP, http://free.fr/ , gives you a modem that actually runs a trimmed-down version of Linux, acts as a TiVo, and even uses a custom version of VLC to stream videos (TV or VOD) to your PC or TV! People have tinkered a lot with it, to add YouTube support and the like.
So excuse me for having high standards.
Re:Pertinent word... (Score:5, Insightful)
Yes, but Apple only does this as a safeguard to help protect more timid users. Apple, unlike the music studios, knows it will be broken and does not really care.
If he were rational (which is not to say that irrational precludes being brilliant), I don't think he'd really care that much about iPhone hacking
He doesn't, which is why the last iPhone update did not break jailbroken phones.
Re:Pertinent word... (Score:5, Insightful)
The iPhone is a PHONE, a wireless PHONE. Repeat this a thousand times. It is NOT a general purpose computer. Most people who bought or will buy this expensive gadget want a phone first of all and want that to work as reliably as any other phone at LEAST. Apple will and must do everything in its power so that their phones or iPods don't become another Windows-like portal for propagating all sorts of malware aimed at emptying unsuspecting people's bank accounts.
In that regard, Apple can simply inform iphone users in no uncertain terms that warranties on hacked devices are null and void. They are also within their rights to warn users that any update from Apple may indeed inadvertently brick their hacked devices. Unauthorized customer modifications and use of manufactured goods and machines have always resulted in lost warranties at the very least. Sometimes human lives are at stake.
Re:Pertinent word... (Score:5, Insightful)
It's to make it enough of a pain in the ass that those who manage it realize they're wading into unsupported waters.
Re:Pertinent word... (Score:2, Insightful)
I have my own server, my own credit card merchant account, and my own SSL certificate vouched for by a root certificate authority accepted by all major web browsers. You're assuming I want or even need Apple's assistance in selling and distributing my software.
So you're saying Mac OS X is insecure and riddled with viruses? Even Apple would disagree when they aren't talking out of the other side of their mouth. Are you suggesting that Adobe Photoshop, a Mac stalwart that has been on the platform for nearly two decades, is insecure because it executes interpreted code? Have you any shred of proof whatsoever? No, you don't, because it doesn't exist. Thanks to the restrictions on the SDK, you'll never see anything like it on your iPhone unless Apple produces it themselves.
Re:Pertinent word... (Score:4, Insightful)
Not a single manufacturer is using it yet. When they release an actual product I will then judge it; until then it is vaporware with source code, as Android is worthless without hardware.
Re:Pertinent word... (Score:5, Insightful)
Yes, allowing the user to modify a device complicates support. But this can be dealt with - look at how e.g. HP and Dell manage user support nowadays? "Reset your system to the factory-shipped state with the included Restore partition - problem solved." This is even easier to do with the iPhone.
Thing is, users don't have to install any third-party software, if they want a "guaranteed quality experience". Why not simply allow people the choice about how they use their device? Hell, put up a warning on install - "You are now straying from the Apple Way - Abandon All Hope!" - but to assume that *every* customer is incapable of managing their own device is just insulting.
What bugs me most is how Apple apologists go on about how the iPhone is so great because "it's got an entire OS!" (like this is new) - and then claim that every limit on this OS, every restriction and removal of user choice, is actually somehow for the user's benefit. "No 3G? Might kill battery. No Flash? Might kill performance. No plugins? Might, um, break something." It really gets old.
Yeah yeah, vote with my wallet, I don't have to buy one. I'd really like to buy one, they've done so much right with it, but these decisions are deal-breakers for me, and the continual excuses don't give me hope that this will change.
No it bloody wouldn't. As you should know. (Score:4, Insightful)
No it bloody wouldn't. It would be called "of course you can install your own firmware on an iPaq, or a Treo, or what have you". It would be called "why shouldn't you be able to install programs on your own handset". It would be called "yes, of course that's the way it works".
Of course it's a good thing. Of course it's also a waste of time. Of course you're better off getting a phone where you don't have to screw around looking for DRM backdoors. What I can't figure is how anybody who knows it's a waste of time could possibly be stupid enough to honestly think "this would be called a security vulnerability". Right?
Re:Pertinent word... (Score:5, Insightful)
But the other poster's point is that anybody who's willing to open the device and make a modification already knows they're in unsupported waters. Making it difficult just wastes everyone's time.
Re:Pertinent word... (Score:5, Insightful)
It's a device that can make phone calls, amongst other functionality. My Power Mac 7500 was making and receiving phone calls 10 years ago; that didn't transform it into a single-purpose appliance that would crash and burn if I did anything else with it.
Also, the iPod touch is not a phone.
It is NOT a general purpose computer.
Why not? It runs Unix, and its API looks a whole lot like that for Mac OS X. Apple may not want you to think of it as a computer, but objectively speaking it is.
Most people who bought or will buy this expensive gadget want a phone first of all and want that to work as reliably as any other phone at LEAST.
And yet if there's any way to run apps not approved by Apple, these same people who insist on reliability above all else will be stampeding to download malware-infested porn apps from the Elbonian mafia?
Re:Feasable? (Score:3, Insightful)
The newest platforms are actually systems on a chip. Not only a watchdog watching the voltage and clock lines, but watchdogs performing zero-knowledge tests on blocks of data before they are passed to the block of RAM considered safe. It always comes to the same point: the key is on the chip somewhere. You can randomize and do as much as you want to make the key random; at some point the key has to be stored to even start the boot process.
Some of the newer micros are using a main core like the eco2000 in the case of Siemens/Infineon 8051 systems and having a watchdog watch the lines, a block decoder/encoder sitting in between passing it to and from the core RAM and storing the keys in a small block that is read-only under certain conditions met by the block de/enc device, bit settings in protected RAM and the state of the eco core. The main issue is the key is still on board. When this happens, once you have that you have control.
There really is no way to prevent the system from being hacked when you have to give the secret with the device. The only combat you have is to make it too expensive to hack and therefore take away the reason to do so.
Security by using security mesh and UV detectors on the newer security chips are stop-gap measures; an interested person will find a way around it. There is no way to secure anything; what is secure now won't be secure tomorrow, and when people have interests you won't lock them out. The only hope again is to stave off the hack long enough to develop another system to take its place when someone figures out the current system. Cat and mouse till the day we die.
Jailbreak is the only way to test programs (Score:5, Insightful)
You are supposed to test your program with the iPhone Simulator, called Aspen. The Aspen simulator is part of the free download SDK for the iPhone. However, Aspen does not support OpenGL ES, which is hardware acceleration for cool effects & fast 2D or 3D.
To deploy to the iPhone, Apple must give you a certificate, and they only do that to those paid developers whom they select.
In other words, most game developers can not test their programs because they can not deploy their programs to the iPhone.
I want to play around/learn. I have avoided Jailbreak solutions to date, but I see no other way.
Re:Pertinent word... (Score:4, Insightful)
Funny, because I recall Steve Jobs making it clear in September that Apple would fight attempts to unlock the iPhone. He didn't say anything about protecting the timid. I think it went more like this: "It's a cat and mouse game" and "It's our job to keep them from breaking in." I guess I missed his "Protect the timid" speech.
Yeaaaaah... I'm sure you're right, SuperKendal. Steve was just feeling generous. I don't imagine that billion dollar class action lawsuit regarding the intentional bricking had anything to do with it.
Re:Pertinent word... (Score:4, Insightful)
While the difference between content and applications (or even between types of content) bears directly on Jobs' statements, you don't even need to look that far. Jobs said that DRM was a flawed concept and would never work for the long term... but Apple implemented it anyway because the RIAA required it to do business in the music industry, and without them the iPod would have never materialized, or at least never gained significant market. The same thing applies here. Apple cannot ever "win" the fight against iPhone modders, nor is that their goal. Their goal is to make it inconvenient enough so that the modding community never makes up a significant share of iPhones and so they can meet their contracts with the big players in this industry, particularly AT&T, who Apple has to keep happy and who probably has a signed contract (trade secret of course, so it will never be public unless the courts make it so) that says Apple has to perform due diligence to lock down applications to prevent VoIP on the cell network as well as other apps that threaten AT&T's money-making services.
I think Jobs has proved himself rational, nor do I think you're understanding his position. He's made Apple a lot of money while still espousing the opinion that DRM is a flawed concept. That is what he believes and even what he pressures others to accept in deals with Apple, but at the same time he is willing to do what it takes to get a start in a new market, be it music downloads, movies, TV, or smart phones. It is a very reasoned person who can state their opinions consistently, yet at the same time be willing to bend to the big players in the market who hold the keys to successful entry.
I doubt Apple cares that much about locking down iPhones beyond what it takes to keep AT&T happy. Very few people will modify their iPhones to run other software (compared to how many people buy them in total). Sure, Jobs sees an opportunity for more security and stability with whitelists, but they've implemented the same thing to a lesser extent on Macs as well, and you don't see it being used to try to seriously stop users who want to do something and are willing to hack.
I don't really think this is Apple's plan. They've had lots of opportunity in both iPod and Mac markets to artificially break compatibility with older hardware. If a new version of OS X ran more slowly than an old version, pretty much no one would have batted an eye, since MS has them conditioned to think of this as normal. Instead, each revision was faster on old hardware than the previous revision (well, maybe 10.4 was break-even in some cases). Apple has always sold their new hardware on new hardware features, not on mandatory upgrades enforced by software (and I have a dual 533 MHz PPC tower in the corner still running as a media server to prove it). And before you bring up the iPod touch, read about Apple's media codec licenses and Sarbanes-Oxley as interpreted by quite a few (but not all) companies in technology.
What I would like to see is a hack to get around the $99 fee to run your app on the device itself. The fee annoys me. I can understand it being there for devs that want to release their app, but what about people like me, who just want to see if I can make it run on it?
I know, I know, the simulator.... that's no good. I want it running on my phone!
Re:Pertinent word... (Score:3, Insightful)
For those who don't need the phone part, there is the iTouch music player. Apple has to take steps to prevent their devices from becoming another Windows monoculture that attracts crooks who want to rip off as many people as possible. Some of these steps will displease the software freedom advocates, but are unfortunately a needed precaution in our connected world.
Decent developers should have no problems writing and selling clean software, according to the rules of Apple, made to ensure the reliability of their devices and profit. Apple is also NOT a charity, but a for-PROFIT company. They have a legal obligation to their owners (shareholders) to make an honest profit.
If some malware gets on millions of iPhones, Apple will get the blame for their "insecure" careless programming, just as Microsoft did. Who wants to have to spend resources on after the fact malware protection? I am so glad that I don't have to waste money and my time to have to install some of the resource hogging anti-malware software Windows users need, on my Macs.
An ounce of prevention is worth a pound of cure.