or Connect
AppleInsider › Forums › Mobile › iPhone › Apple releases iOS 4.0.2, 3.2.2 with fix for PDF exploit
New Posts  All Forums:Forum Nav:

Apple releases iOS 4.0.2, 3.2.2 with fix for PDF exploit

post #1 of 109
Thread Starter 
Apple on Wednesday patched a PDF exploit found in its mobile devices with iOS 4.0.2 for the iPhone and iPod touch, and iOS 3.2.2 for the iPad.

The updates address a security hole used by hackers to "jailbreak" the iPhone, iPod touch. The PDF exploit could also be used by hackers to gain remote control over an iOS device.

iOS 4.0.2 is available for the iPhone 3G, iPhone 3GS, iPhone 4, and second- and third-generation iPod touch models. iOS 3.2.2 is for the iPad and iPad 3G.

Earlier this month, users released a browser-based hack that took advantage of a PDF exploit in Mobile Safari. The hack could allow users to run unauthorized code on their iOS devices through a process known as jailbreaking.

The jailbreak takes advantage of a PDF exploit that one prominent security expert called "scary." By tricking a user into simply visiting a website and loading corrupted PDFs through the iOS browser, a hacker could take control of an iOS device.

Apple quickly responded after the hack was made public, and said that it had already developed a fix for the issue. It said the PDF exploit would be plugged with a forthcoming update, which was released Wednesday in the form of iOS 4.0.2 and iOS 3.2.2.
post #2 of 109
Quote:
Originally Posted by AppleInsider View Post

Apple on Wednesday patched a PDF exploit found in its mobile devices with iOS 4.0.2 for the iPhone and iPod touch, and iOS 3.2.2 for the iPad.

The updates address a security hole used by hackers to "jailbreak" the iPhone, iPod touch. The PDF exploit could also be used by hackers to gain remote control over an iOS device.


Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.
post #3 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

What exactly has a Jailbreaker done to you?
post #4 of 109
Quote:
Originally Posted by William 3.0 View Post

What exactly has a Jailbreaker done to you?

Nothing! I'm gonna sit this one out - the exploit has been beneficial.
post #5 of 109
I've been looking forward to this update for my iPhone 4, but I had also hoped for a 3.1.4 version for older iOS devices like my iPhone 3G. I'd prefer not to update it to iOS 4.x.
post #6 of 109
If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.
post #7 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

Seriously? What impact have those who jailbreak their phones had on you?
Do you realize that fluoridation is the most monstrously conceived and dangerous Communist plot we have ever had to face? - Jack D. Ripper
Reply
Do you realize that fluoridation is the most monstrously conceived and dangerous Communist plot we have ever had to face? - Jack D. Ripper
Reply
post #8 of 109
Quote:
Originally Posted by latafairam View Post

If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.

Yeah right.
post #9 of 109
Quote:
Originally Posted by latafairam View Post

If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.

Thanks to the recent DMCA ruling, Apple can't sue you or get you arrested if you jailbreak your phone but there's no requirement that Apple has to facilitate it. Apple is free to try and prevent jailbreaking from happening using technical means, and they're free to deny warranty support to jailbroken phones.

The only people who really care about the ruling are the people who create jailbreak exploits. Those people had a legitimate concern that Apple would pursue legal action against them for creating the exploits. Now they have a legal right to do so.
post #10 of 109
Quote:
Originally Posted by latafairam View Post

If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.

Just to check - you are joking right?
post #11 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

What have they done? Has a jailbreaker ever damaged your own phone remotely? If anything, I am sure the JB community has actually helped users more than you know.
post #12 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

OH NOEZ !!1ONEOEN ZE JAILBREAKERS ARE OUT TO KILL US



Adi
post #13 of 109
Is this supposed to be out already? Says 4.0.1 is the latest when I check for updates.

Edit: Nevermind... 2 minutes later it says the update is available...downloading now.
post #14 of 109
Quote:
Originally Posted by latafairam View Post

If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.

Man there are some stupid people responding to your posting.

You must be all the way to the bank.
post #15 of 109
Direct links on http://ios.e-lite.org/
--Larry
Reply
--Larry
Reply
post #16 of 109
It's out. Already downloaded for the iPhone 4 and now downloading for my 3G.
post #17 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

You mean leaving AT&Ts pos network? How dare they.
post #18 of 109
Just downloaded it and I have to say that
Safari feels snappier
post #19 of 109
Quote:
Originally Posted by William 3.0 View Post

I've been looking forward to this update for my iPhone 4, but I had also hoped for a 3.1.4 version for older iOS devices like my iPhone 3G. I'd prefer not to update it to iOS 4.x.

Me too, but is 3.1.3 actually affected by this bug? It would seem quite likely but I have not seen a definite confirmation either way.
post #20 of 109
Quote:
Originally Posted by noirdesir View Post

Me too, but is 3.1.3 actually affected by this bug? It would seem quite likely but I have not seen a definite confirmation either way.

Back in the 1.x days you could jailbrake through safari, so yes this exploit will and has affected everything pre 4.0.2
post #21 of 109
The could have thrown a few extra fixes in for good measure. What a waste of time.
{2010 Mac Pro-6 core 3.33-12gb 1333 ram-ati5870-velociraptor 600's-SL/win7/64-Konnekt Live/Onkyo-Dell3007wfp}
{2008 Mac Pro-8 core 3.2's-16GB-evga285} {MBP17}{ipad}{iphone 4 blk16gb}
Reply
{2010 Mac Pro-6 core 3.33-12gb 1333 ram-ati5870-velociraptor 600's-SL/win7/64-Konnekt Live/Onkyo-Dell3007wfp}
{2008 Mac Pro-8 core 3.2's-16GB-evga285} {MBP17}{ipad}{iphone 4 blk16gb}
Reply
post #22 of 109
Quote:
Originally Posted by latafairam View Post

If I am unable to jailbreak after this, I'll have a case against apple. Jailbreaking is now totally legal.

You're not seriously saying that because it's legal to jailbreak a phone that Apple has to ensure that all their future updates are compatible with third party hacking software, are you? I really hope you are because that only makes everyone else look smarter.
post #23 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

Care to explain that?
post #24 of 109
Quote:
Originally Posted by noirdesir View Post

Me too, but is 3.1.3 actually affected by this bug? It would seem quite likely but I have not seen a definite confirmation either way.

Definitely. I was able to jailbreak my 3G after a standard install of 3.1.3 (leaving it unjailbroken), and then visiting JailBreakMe.com.
post #25 of 109
Quote:
Originally Posted by William 3.0 View Post

I've been looking forward to this update for my iPhone 4, but I had also hoped for a 3.1.4 version for older iOS devices like my iPhone 3G. I'd prefer not to update it to iOS 4.x.

Yup. I had to downgrade my iP 3G to 3.1.3. iOS4 made it unusable.
post #26 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

Not only will it not brick a jailbroken phone, Apple also chose not to patch the baseband holes that are used to unlock the iPhones. It seems like Apple is much more interested in closing serious security flaws than fighting the jailbreak and unlock community. Some of their brain dead fanboi's on the other hand are still living in LaLa land.
post #27 of 109
Quote:
Originally Posted by Bancho View Post

Seriously? What impact have those who jailbreak their phones had on you?

Quote:
Originally Posted by ghostface147 View Post

What have they done? Has a jailbreaker ever damaged your own phone remotely? If anything, I am sure the JB community has actually helped users more than you know.

Quote:
Originally Posted by adisor19 View Post

OH NOEZ !!1ONEOEN ZE JAILBREAKERS ARE OUT TO KILL US
...

I'll tell you one thing the jailbreakers did to the rest of us ...

They publicised a zero-day vulnerability in the iPhone and left every iPhone user in the world open to malicious hackers and viruses for the duration. This is actually what the article is about doncha know.

- They also enable massive theft of apps which raises the prices in the app store.
- Roughly 40% of them are thieves and steal apps themselves
- They publish endless dribble to forums like this about the benefits of jailbreaking

Jailbreaking is also still illegal really, given that the recent ruling by the Library of Congress seriously overstepped their authority and decided things that are completely unprecedented (like it's okay to steal Apple's code since it was only a "small amount"?). If they had followed precedent and common law principles, jailbreaking would never have even become the "quasi-legal" thing it is now and remained firmly "illegal."
post #28 of 109
Quote:
Originally Posted by William 3.0 View Post

Definitely. I was able to jailbreak my 3G after a standard install of 3.1.3 (leaving it unjailbroken), and then visiting JailBreakMe.com.

Damn you! Look what you have done to me! How will I ever go on with my life now that you have installed unauthorized software on an iPhone?
post #29 of 109
Two weeks. Good turnaround.

Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

What a jerk. I'd ask what they've done to you, but someone else already has.
I'd suggest you read a bit about it, but you won't.

Quote:
Originally Posted by AIaddict View Post

Not only will it not brick a jailbroken phone, Apple also chose not to patch the baseband holes that are used to unlock the iPhones. It seems like Apple is much more interested in closing serious security flaws than fighting the jailbreak and unlock community. Some of their brain dead fanboi's on the other hand are still living in LaLa land.

That's good news. The exploit should be a much higher priority and the patching shouldn't have waited for Apple to release the next fix in its war against jailbreakers. Although I guess I can understand the later, thanks to elements like software piracy and tethering. Apple has a business interest to work against those things, and something that hurts developers hurts everyone.
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
post #30 of 109
Did any 3G user upgraded to 4.0.2? I don't want to change from 3.1.3 to 4.0.2. iOS4 is just sluggish on iP3G. Did Apple change anything?

iMac mid 2011 • 27 in • 3,4 GHz Core i7 • 32 GB RAM • AMD Radeon HD 6970M 2GB VRAM

Reply

iMac mid 2011 • 27 in • 3,4 GHz Core i7 • 32 GB RAM • AMD Radeon HD 6970M 2GB VRAM

Reply
post #31 of 109
Quote:
Originally Posted by Prof. Peabody View Post

I'll tell you one thing the jailbreakers did to the rest of us ...

They publicised a zero-day vulnerability in the iPhone and left every iPhone user in the world open to malicious hackers and viruses for the duration. This is actually what the article is about doncha know.

Actually the vulnerability had been public for some time, they just decided to use it while Apple took their sweet time releasing a patch they claimed to already have internally.

Quote:
- They also enable massive theft of apps which raises the prices in the app store.
- Roughly 40% of them are thieves and steal apps themselves
- They publish endless dribble to forums like this about the benefits of jailbreaking

Many people in the community are very anti piracy, including members of the dev-team who repeatedly write publicly on the subject. There is also no evidence that apps cost more because of piracy and jailbreaking. In fact, other than TomTom, the most expensive apps I have bought are from Cydia. They have money on the line too!

Quote:
Jailbreaking is also still illegal really, given that the recent ruling by the Library of Congress seriously overstepped their authority and decided things that are completely unprecedented (like it's okay to steal Apple's code since it was only a "small amount"?). If they had followed precedent and common law principles, jailbreaking would never have even become the "quasi-legal" thing it is now and remained firmly "illegal."

Seriously? I take it you have absolutely no experience with copyright, law, and government. The DMCA specifically gave them the authority to make the decisions they have made. The fact that the jailbreak remains necessary to use the device on another network besides AT&T also strongly supports its legality under the DMCA even without the recent ruling.
post #32 of 109
305 MB download! For something that was written in a couple of weeks and doesn't have any media files, it seems a bit bloated. Who taught these guys to code?
post #33 of 109
Quote:
Originally Posted by einsteinbqat View Post

Did any 3G user upgraded to 4.0.2? I don't want to change from 3.1.3 to 4.0.2. iOS4 is just sluggish on iP3G. Did Apple change anything?

I know quite a few who have the 3G and updated to iOS 4 and some of them encountered the terrible sluggishness that has been reported. Every one of them has been able to resolve this problem with a DFU Recovery, which sucks given the inconvenience, but they've all got perfectly usable 3Gs now.

That said, if I had one I probably wouldn't upgrade. I know some users say their problem gradually came back despite restoring (not sure if they did the DFU Recovery) and, taken at face value, who is to say there isn't a bug causing problems for them? iOS 4 doesn't offer much to a 3G user, and even in a proper case, it does run slower on those older phones than iOS 3.

I guess I'd just get a new phone, but that's not an option for everyone either.
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
post #34 of 109
Quote:
Originally Posted by Prof. Peabody View Post

I'll tell you one thing the jailbreakers did to the rest of us ...

They publicised a zero-day vulnerability in the iPhone and left every iPhone user in the world open to malicious hackers and viruses for the duration. This is actually what the article is about doncha know.

- They also enable massive theft of apps which raises the prices in the app store.
- Roughly 40% of them are thieves and steal apps themselves
- They publish endless dribble to forums like this about the benefits of jailbreaking

Jailbreaking is also still illegal really, given that the recent ruling by the Library of Congress seriously overstepped their authority and decided things that are completely unprecedented (like it's okay to steal Apple's code since it was only a "small amount"?). If they had followed precedent and common law principles, jailbreaking would never have even become the "quasi-legal" thing it is now and remained firmly "illegal."

You forgot to blame Adobe for all of this. They, after all, created the PDF format.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #35 of 109
Quick question for those who know about such things:
I jailbroke my iPod Touch 2G on iOS 4.0 for the first time to see what it was like, and am not liking the slowness. I want to update to this and am wondering if doing so will make my iPod Touch basically exactly like it was before I jailbroke. Any info on this?
GIGO. The truth in all of life.
Reply
GIGO. The truth in all of life.
Reply
post #36 of 109
Quote:
Originally Posted by Obelix View Post

305 MB download! For something that was written in a couple of weeks and doesn't have any media files, it seems a bit bloated. Who taught these guys to code?

It's the entire OS - that's how Apple has always distributes iPhone OS updates.
post #37 of 109
Quote:
Originally Posted by Xian Zhu Xuande View Post

That's good news. The exploit should be a much higher priority and the patching shouldn't have waited for Apple to release the next fix in its war against jailbreakers. Although I guess I can understand the later, thanks to elements like software piracy and tethering. Apple has a business interest to work against those things, and something that hurts developers hurts everyone.

Don't confuse jailbreaking with unlocking. Jailbreaking allows the install of non-appstore apps. Unlocking which they did not patch in the last few releases is opening the phone to use any GSM sim from carriers other than AT&T.

4.0.2 does disable the jailbreak, at least through the web page, but that is a side effect of fixing the gaping security hole they had. What they did not do is disable the unlock, which would not have been hard, and which they have done with past updates. That may be a sign that Apple is weighing their priorities differently or perhaps it is a sign of upcoming changes with regard to official unlocking.
post #38 of 109
Quote:
Originally Posted by Obelix View Post

305 MB download! For something that was written in a couple of weeks and doesn't have any media files, it seems a bit bloated. Who taught these guys to code?

The coding isn't at fault; you're downloading the entire OS with every file that comes with it, from kernel to iPod icons.
post #39 of 109
Quote:
Originally Posted by SendMe View Post

Will it brick previously jailbroken iPhones? I sure hope so. Those Jailbreakers don't have any excuse left for what they do to us.

Quote:
Originally Posted by William 3.0 View Post

What exactly has a Jailbreaker done to you?

probably they shattered his day-dreaming that everything is perfect and hunky-dory at Apple, and that every invention under the sun was originated from US of A. The guy is still reeling from the shock
post #40 of 109
Quote:
Originally Posted by Smiles77 View Post

Quick question for those who know about such things:
I jailbroke my iPod Touch 2G on iOS 4.0 for the first time to see what it was like, and am not liking the slowness. I want to update to this and am wondering if doing so will make my iPod Touch basically exactly like it was before I jailbroke. Any info on this?

The slowness is from 4.0 not from the jailbreak, but, you can install 4.0.2 and have a clean, non-jailbroken phone again. Apple was also looking into 4.0 slowness so there may be some fixes in there as well. If not, go to settings and turn off the spotlight indexing. It can help a lot!
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Apple releases iOS 4.0.2, 3.2.2 with fix for PDF exploit