Apple: iPhone security holes, contacts lag, GPS quirks to be fixed soon
A third software update for the iPhone 3G due next month will fix a broad assortment of problems and security issues that users have reported with the handset, say company spokespeople and a pair of alleged emails from chief executive Steve Jobs.
Most critically, the September update will patch a gaping security hole brought to light this week by the diligence of a MacRumors forums member. The vulnerability allows an individual to effortlessly bypass the iPhone's built-in passcode protection and then spider their way through personal information contained in contacts lists, text message histories, and emails.
A similar but less severe exploit was discovered by David Park earlier this month. He noted that the iPhone's auto-lock function could be altered repeatedly without prompting for the phone's pre-set pass code.
"Here's how the flaw is exposed," Park explained on his blog. "Let's say the owner of the iPhone sets the device to auto-lock after 1 hour of inactivity, and 30 minutes after [the] last usage a thief steals the phone. The thief can now change the iPhone auto-lock to lock after the maximum setting of 4 hours and keep doing this until he takes everything he needs off the device."
On Thursday, Reuters cited an Apple spokeswoman of saying the company is aware of the first flaw and is readying a fix. Meanwhile, Park said he forwarded his own discovery to the iPhone maker and received a reference number, assuring that the company is aware that issue as well.
Separately, Apple chief executive Steve Jobs appears to be taking a proactive role in the damage control surrounding a number of other outstanding iPhone software issues, both from his office Mac and via iPhone while on prowl.
In addition to a recently publicized email regarding an in-the-works fix for third party app crashes, Jobs allegedly fired off at least two other responses to customer complaints in recent days. The first was in response to gripes about persistent lag in the iPhone's contact list, in which the customer wittily remarked to the Apple chief that "I bet you even have the issue on your iPhone." Jobs reportedly responded by saying a "Software update coming in September" fixes the issue.
A second alleged mail from Jobs was received by a customer who fired off a litany of software-related complaints, in which he also accused the Apple co-founder of using his customers as "beta testers." Jobs reportedly responded by saying Apple is "working on a software update for September that should fix most of" the problems, which ranged from network weakness and drop calls to disappearing media items and GPS quirks.
Most critically, the September update will patch a gaping security hole brought to light this week by the diligence of a MacRumors forums member. The vulnerability allows an individual to effortlessly bypass the iPhone's built-in passcode protection and then spider their way through personal information contained in contacts lists, text message histories, and emails.
A similar but less severe exploit was discovered by David Park earlier this month. He noted that the iPhone's auto-lock function could be altered repeatedly without prompting for the phone's pre-set pass code.
"Here's how the flaw is exposed," Park explained on his blog. "Let's say the owner of the iPhone sets the device to auto-lock after 1 hour of inactivity, and 30 minutes after [the] last usage a thief steals the phone. The thief can now change the iPhone auto-lock to lock after the maximum setting of 4 hours and keep doing this until he takes everything he needs off the device."
On Thursday, Reuters cited an Apple spokeswoman of saying the company is aware of the first flaw and is readying a fix. Meanwhile, Park said he forwarded his own discovery to the iPhone maker and received a reference number, assuring that the company is aware that issue as well.
Separately, Apple chief executive Steve Jobs appears to be taking a proactive role in the damage control surrounding a number of other outstanding iPhone software issues, both from his office Mac and via iPhone while on prowl.
In addition to a recently publicized email regarding an in-the-works fix for third party app crashes, Jobs allegedly fired off at least two other responses to customer complaints in recent days. The first was in response to gripes about persistent lag in the iPhone's contact list, in which the customer wittily remarked to the Apple chief that "I bet you even have the issue on your iPhone." Jobs reportedly responded by saying a "Software update coming in September" fixes the issue.
A second alleged mail from Jobs was received by a customer who fired off a litany of software-related complaints, in which he also accused the Apple co-founder of using his customers as "beta testers." Jobs reportedly responded by saying Apple is "working on a software update for September that should fix most of" the problems, which ranged from network weakness and drop calls to disappearing media items and GPS quirks.
Comments
Are these actually being confirmed or just taken at word?
So at this point I haven't found that I need to write letters to Apple. Keeping an eye on the updates, web and supports sites is enough for now. That of course doesn't let Apple off the hook, 2.1 had damn well be ready for prime time.
As to the beta quality of the software - well I have to agree and frankly Steevo needs to be held accountable. The problem is these issues may very well be forgotten once a stable version of Mobile OS hits. By the way there is in my mind a huge difference between a product that shipped with a bug or two possible known or unknown but there is a big difference when a product ships that is buggy through out and it is obvious with in a few minutes of use. This is 3G's problem it is buggy through out and not just a little bit.
In any event I was expecting a bit of an unfinished product, what I was not expecting is what we got where everything is unstable. From Apple standpoint I don't know exactly what they can do to re-win consumer trust beyond a solid up grade.
dave
I'm really starting to wonder about all the "emails from Steve Jobs."
Are these actually being confirmed or just taken at word?
To the best of our ability, yes.
Best,
K
To the best of our ability, yes.
Best,
K
Alright, that's good enough for me.
In that case, I want an email from him too.
I'm really starting to wonder about all the "emails from Steve Jobs."
Are these actually being confirmed or just taken at word?
Especially since he's "no longer with us".
What do you expect it to do different is the lock time hasn't expired yet. The phone can't know its been stolen. If the 4 hours aren't up they aren't up. So what?
The reported "bug" about lock doesn't make sense.
What do you expect it to do different is the lock time hasn't expired yet. The phone can't know its been stolen. If the 4 hours aren't up they aren't up. So what?
It wouldn't even matter much anyway, unless the thief is going to use it every 3 1/2 hours, how is a good sleep going to factor in?
I think auto-lock should be set to a number a lot quicker than half an hour anyway.
One thing I haven't seen mentioned is the how fast WiFi seems to be draining the battery. Maybe it is just me, but whenever I switch to WiFi mode, like sitting on my couch 10 feet from my TimeCapsule, the battery lasts about 15 minutes. Is this normal, or do I just have a bad 3G iPhone? Haven't seen anyone even talk about this issue in any of the AI posts.
Ive left wifi on all day. Something wrong with your phone. Try charging a couple of times from your wall charge adapter instead of usb to a computer if you dont do that already. Maybe your usb isnt providing enough power. That can happen as well.
On a related note, has anyone ever heard of Bill Gates/Steve Ballmer personally responding to flaws in Windows? I know they'd eventually run out of time on Earth in responding to what I am sure would be a cavalcade of submissions, but the fact that Jobs is actually doing the responding could only mean that a host of Apple employees have been axed from their respective positions, and that Jobs has assumed their roles until these iPhone issues are resolved.
What does Microsoft have to do with anything? Why does every flaw brought up with regards to Apple have to be bounced off with some requisite swipe at Microsoft?
Grow up!
Best,
DimMok
By shipping a month later, Apple would have had more quality, but would have delayed shipping 3.6m phones. The phones would still have bugs, but fewer perhaps. Here, they shipped the phones and debugged very fast so as to not get too many people super pissed.
I think they did a damn good job with the rollout and the iPhone will earn the moniker of 'best, most secure, most reliable, most fun' mobile out there.
Eventually, we'll see Apple move to dominate all mobiles (Nokia included).
Apple co-founder [accused] of using customers as "beta testers."
Has the size of the user base (tens of millions of people in dozens of markets around the world) necessitated such practices? Could Apple (or ANY company attempting such an ambitious tandem product launch as the iPhone 3G, MobileMe, iPhone 2.0 SW and the App Store all at essentially the same time) have truly tested against, and corrected for, the virtually infinite number of SW configurations existing in the wild? Could any company's R&D/QC divisions have foreseen and/or caught EVERY possible bug and glitch?
Or does it simply become more economical for such a company to QC as much as they can (i.e., do everything possible to avoid a HW recall) as they aggressively attack and capture the market (before the competition does!) and then manage damage control by utilizing users' feedback to identify problems and correct those issues with timely, responsive SW updates? Even with bad press while cleaning up the mess, would such a company still come out ahead (provided, of course, they fix things quickly)?
As an outsider to the computer industry, I'd like to hear some of your thoughts on what we seem to be witnessing?
If these are from Steve Jobs ? I'll eat my G3
Don't you like your G3?
What does Microsoft have to do with anything? Why does every flaw brought up with regards to Apple have to be bounced off with some requisite swipe at Microsoft?
I may be crazy, but I believe Microsoft is one of Apple's direct competitors, so I see no problem in comparing and contrasting management styles and other forms of business practices between the two companies.