Security update wipes out unofficial iPhone mods

IDG News Service - A security update for Apple Inc.'s iPhone does more than just fix critical flaws in the handset. It also looks for and wipes out any modifications that users make to the iPhone's firmware, according to hackers looking to unlock the phone.

But the security update does not break any of the tools that hackers have so far developed to modify the firmware, they said.

The iPhone Version 1.0.1 update primarily addresses a security flaw uncovered in the handset's Safari browser set to be detailed this week at the Black Hat 2007 conference in Las Vegas. That vulnerability, uncovered by researchers at Independent Security Evaluators (ISE), allows an attacker to access data and applications on the phone from a Wi-Fi access point or a malicious Web site.

When the update installs itself via iTunes, it also checks for changes that have been made to the phone's firmware, the hackers said. When changes are detected in the old firmware, the update wipes the phone and then reinstalls the updated firmware, erasing any modifications that a user made.

Hackers involved with efforts to unlock the iPhone at the #iphone Internet Relay Chat (IRC) channel were still coming to grips with the impact of Apple's security update today, looking to test whether tools they developed continue to work. (Hackers have asked journalists not to publish links to their site, iPhone Dev Wiki, saying it's not able to handle heavy volumes of traffic.)

Initially, the Apple security update appeared to block the ability to write files on the iPhone using the Jailbreak feature of the iActivation tool developed by the hackers, meaning the tool could no longer be used to add personalized ringtones to the phone.

However, the 1.0 version of Jailbreak continues to work fine, according to an update on iPhone Dev Wiki. 

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.