iPhone SMS Vulnerability Patched With OS 3.0.1
We made several cautionary posts about the iPhone’s SMS vulnerability over the past month, and it’s finally getting a fix. iPhone OS 3.0.1 is out today at a whopping 280MB.
Apple was apparently highly pleased with themselves for the fix:
We appreciate the information provided to us about SMS vulnerabilities which affect several mobile phone platforms. This morning, less than 24 hours after a demonstration of this exploit, we’ve issued a free software update that eliminates the vulnerability from the iPhone. Contrary to what’s been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.
Nice to hear that no one has actually used the exploit to devious ends, but “less than 24 hours after a demonstration of this exploit” is Bushian in its absurdity. The two dates, the update release and the demonstration, are pretty clearly unrelated. It’s not like Apple just threw this thing together over the last 24 hours. If they had, I probably wouldn’t bother installing it. They’ve known about the problem for at least a month. I know that because I’ve known about the problem for a month.
Here’s to completely arbitrary horn-tooting!
Amazon Sued By 17-Year-Old Because The Kindle Ate His Homework
Of course by “ate” I mean “deleted without warning” and by “Amazon” I mean “another in the growing list of evil companies who can’t get their digital rights straight.” The suit, which is a class action, is being brought by Justin D. Gawronski, a 17-year-old from Michigan who lost his notes on George Orwell’s 1984 when Amazon went and pulled the book from all of its Kindle devices.
While I am glad to see someone taking legal action on the matter, it’s a little absurd that it was a 17-year-old who had to do the deed. I would hardly call losing your summer reading notes a serious injunction, but then, what really could be in this situation? The most serious part is simply that Amazon did it, and they shouldn’t have. Now it’s up to the courts to decide if that has any reasonable legal implications. My guess is they’ll simply say, “no.”
Sony Posts $388 Million Dollar Loss
When Howard Stringer took over at Sony four years ago, they charged him with a hefty task: revitalize the company and resuscitate the brand. He’s been struggling to do so ever since.
Today the New York Times reported the number Sony has put to Stringer’s troubles: $388 million. In the red.
Now it’s no secret that Sony has been struggling. They’re getting pmeled in the video game market and soundly beaten with just about every other product they meant to sell competitively. Sony’s bright light is that they’re a world class company and they’ve made their name on innovative products. They can come back from what’s really a mild slump in their massive sales.
Thing is, they need to turn things around yesterday. I can’t say if that means getting rid of Stringer but Sony needs to take advantage of the fact that everyone is struggling and use their massive resources to turn the brand around.
Apple Adds 2TB Time Capsule
Apple’s just announced a new Time Capsule, the company’s combination 802.11n router and NAS drive, bumping the storage capacity to a full 2TB. The new drive comes in at a whopping $499.
The more interesting news is the price reduction Cupertino’s thrown to the 1TB version. You can pick up the lesser version for just $299, down from the new 2TB’s price of $499. That’s a massive reduction, and it certainly makes me wonder what kind of margin they were reaping on the device. Of course, storage is so cheap now you can imagine it was huge.
The device hasn’t changed other than the storage capacity. What I’d really like to see is a RAID capable drive for the truly storage savvy among us. 2TB of offsite storage is great, but what of your backup’s backup? I suppose that’s how they’ll try to sell MobileMe.
Alert! The iPhone can be hacked via SMS
If you are an iPhone user, or even if you know an iPhone user, you should be aware of a security hole where your iPhone can be hacked via SMS. This is serious stuff and you should share this knowledge with everyone you know. This hole could enable the hackers to take total control over your phone. Here are the details according to wired.com’s Gadget Lab:
Security researchers Charlie Miller and Collin Mulliner will publicize the exploit Thursday at the Black Hat cybersecurity conference, according to Forbes. The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts — and, most alarmingly, sending more text messages to hijack even more iPhones.
How can you know if you’re being SMS attacked? According to Miller, one giveaway is if you receive a text message containing a single square character. If that happens, he suggests you immediately turn off your iPhone.
“This is serious,” Miller told Forbes. “The only thing you can do to prevent it is turn off your phone. Someone could pretty quickly take over every iPhone in the world with this.”
So until you hear otherwise from Apple, do as it says and turn off your phone immediately if you get a strange square text message. I would suggest taking your phone into the Apple store before turning it back on. Hopefully Apple will release a new iPhone OS patch soon to take care of this issue.