or Connect
AppleInsider › Forums › Mobile › iPhone › Apple releases iOS 4.3.5 to address certificate violation issue
New Posts  All Forums:Forum Nav:

Apple releases iOS 4.3.5 to address certificate violation issue

post #1 of 18
Thread Starter 
Apple on Monday released iOS 4.3.5 for the iPhone, iPad and iPod touch, addressing a security vulnerability related to certificate violation.

The update comes less than two weeks after iOS 4.3.4 was released. It is available for the GSM iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch.

Also released on Monday was iOS 4.2.10 for the CDMA iPhone, available on Verizon's network.

The previous iOS update was released on July 15. It patched a security hole related to viewing PDFs in the Mobile Safari Web browser, an exploit that had been utilized by hackers to "jailbreak" the iPhone and iPad.

Though security fixes have been issued, Apple is not expected to add any major new features to iOS 4. The company is focused on delivering the next-generation version of its mobile operating system, iOS 5, to users this fall.

iOS 5 is currently in beta and is being tested by developers who write software for iPhones and iPads. The fourth beta of iOS 5 was issued to developers last Friday.
post #2 of 18
Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.
post #3 of 18
Quote:
Originally Posted by Gustav View Post

Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.

Thanks for inciting something that wasn't going to happen.

All this is fluff before iOS 5, anyway. I'm sure plenty of "valid" users won't even upgrade.

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply
post #4 of 18
Holy moly, this update is taking forever. I thought my iPhone 4 had crashed during the process of installing it, but finally, I see the progress bar moving.
post #5 of 18
Quote:
Originally Posted by Gustav View Post

Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.

They only did this to prevent me from jailbreaking my phone - even though I don't jailbreak it to begin with!

All better now, huh?
post #6 of 18
Anybody with any sense will be updating ASAP. Honestly once an exploit is known in the wild you just asking for trouble to ignore an update.

I see it as a very positive thing that Apple isn't shy about releasing security updates

Quote:
Originally Posted by Tallest Skil View Post

Thanks for inciting something that wasn't going to happen.

All this is fluff before iOS 5, anyway. I'm sure plenty of "valid" users won't even upgrade.
post #7 of 18
Complete and utter scare tactic to prevent people from jailbreaking. Nothing more.
post #8 of 18
Quote:
Originally Posted by Gustav View Post

Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.

Legal perhaps. But not moral. The EULA stipulates against jailbreaking.
post #9 of 18
Quote:
Originally Posted by Curmudgeon View Post

Legal perhaps. But not moral. The EULA stipulates against jailbreaking.

Morality?

So if I create a product where the EULA stipulates that you're not allowed to eat meat while using my product, and you accept the EULA, that makes that activity immoral? If so, I think I just might start slipping such provisions into EULAs. Nobody besides lawyers reads those things anyways.
 
Reply
 
Reply
post #10 of 18
Quote:
Originally Posted by Gustav View Post

Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.

Yeah, Apple should show more fairness and give jealbreakers and malicious hackers also a chance, closing security holes so quickly is just not fair towards these two groups of people, they don't get a fair chance to do what they want to do.
post #11 of 18
Quote:
Originally Posted by noirdesir View Post

Yeah, Apple should show more fairness and give jealbreakers and malicious hackers also a chance, closing security holes so quickly is just not fair towards these two groups of people, they don't get a fair chance to do what they want to do.

Apple isn't legally obligated to leave holes open for people to jailbreak their phones. They wrote the OS and built the hardware, they can do whatever they want with it to keep it their product. Not to mention it was a security flaw.
post #12 of 18
Quote:
Originally Posted by Mac.World View Post

Complete and utter scare tactic to prevent people from jailbreaking. Nothing more.

Your the kind of muppet that would post "epic fail, Apple leave glaring security hole open on the iPhone" if they didnt patch it.
post #13 of 18
Quote:
Originally Posted by Nobodyy View Post

Apple isn't legally obligated to leave holes open for people to jailbreak their phones. They wrote the OS and built the hardware, they can do whatever they want with it to keep it their product. Not to mention it was a security flaw.

He was joking!

TechnoMinds

We are a Montreal based technology company that offers a variety of tech services such as tech support for Apple products, Drupal based website development, computer training and iCloud...

Reply

TechnoMinds

We are a Montreal based technology company that offers a variety of tech services such as tech support for Apple products, Drupal based website development, computer training and iCloud...

Reply
post #14 of 18
.....
post #15 of 18
Well, I just upgraded my iPhone 4 to 4.3.5, will do my iPad 2 tomorrow. As with all previous iOS upgrades, worked just fine and without any issues.

I agree that most people should upgrade to this as quickly as possible. Surely, one of the reasons for Apple is to close another possible loophole for jailbreaking; I'm not interested in that - I did in the "original iPhone" days to get one working with my then non-supported German carrier through an unlock, which I don't need to do anymore - so I couldn't care less.

What one should keep in mind for the sake of this discussion is a simple fact of life. Whatever allows someone to jailbreak their phone can also be exploited by malware, doing bad things to your data and your device. And one of the key reasons why iPhone, among the other mobile platforms, has seen the least amount of trouble with that kind of issue is clearly Apple's attention to those loopholes, their ability and willingness to fix them quickly and a really well-working upgrade process with a very good adoption rate.

I for myself prefer to keep it that way, and with the current condition of the official app store and most software pricing, that's a very small price to pay for me to have such peace of mind.

Fl.
post #16 of 18
FYI, I used this exploit to painlessly jailbreak my iPad 2, then I immediately went to Cydia and installed the jailbreak friendly patch for said vulnerability, called "PDF Patcher 2." This exploit is not a hoax; it is a legitimate threat that the jailbreak community also felt obliged to fix in order to protect its users. Either jailbreak and patch, or update to iOS 4.3.5.
post #17 of 18
Quote:
Originally Posted by quaternio View Post

FYI, I used this exploit to painlessly jailbreak my iPad 2, then I immediately went to Cydia and installed the jailbreak friendly patch for said vulnerability, called "PDF Patcher 2."

FWIW, I think the PDF vulnerability was fixed with 4.3.4; this is something new related to some kind of certificate handling. It is not totally clear whether this can be used for jailbreaking and/or exploits, but in case of doubt, I'll trust Apple that it can be used to do something nasty. :-)
post #18 of 18
Quote:
Originally Posted by florianvk View Post

FWIW, I think the PDF vulnerability was fixed with 4.3.4; this is something new related to some kind of certificate handling. It is not totally clear whether this can be used for jailbreaking and/or exploits, but in case of doubt, I'll trust Apple that it can be used to do something nasty. :-)

Thanks for the heads up. Hopefully someone will/has post(ed) a patch for us folks.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Apple releases iOS 4.3.5 to address certificate violation issue