UPDATED: iPhone OS 3.0.1 Now Available Via iTunes
Update: Gizmodo received a statement from Apple regarding the 3.0.1 software update:
blockquote>We appreciate the information provided to us about SMS vulnerabilities which affect several mobile phone platforms. This morning, less than 24 hours after a demonstration of this exploit, we've issued a free software update that eliminates the vulnerability from the iPhone. Contrary to what's been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.
ORIGINAL: Apple has just went ahead and dropped the iPhone OS 3.0.1 software update for all users to grab directly from iTunes. Still no mention on Apple's site (opens in new tab) of what exactly this update includes besides the patching of the recently discovered SMS vulnerability - just don't expect much of anything else except for the possibility of some potential bug fixes.
Updated yet? Notice anything new? Not going to update? Let us know in the comments below!
As with any update from Apple, if you are currently running the 3.0 software jailbroken, do not update if you wish to keep your device in it's current state. Updating will break your jailbreak.
Get the best of iMore in your inbox, every day!
Your source for all things Apple
Updating now, will post later.
I just got a badge notification, an SMS, and a call while my phone was backing up, prior to installing 3.0.1, and that set me to worrying.
Doing something would, in most people's opinion, have meant the patch would be in place before the Black Hat presentation. It took Android two days. It took Apple 6 weeks, and public embarrassment.
Huh? Apple didnt just slap this together overnight, it was obviously being worked on for a minimum week or 2. I see no embarrasment, they exploited iphone, Android, and WM.
I dont know the programming differences between iphone and Android, but this is obviously a WHOLE OS package meaning it was more difficult to compile than just a 100kb patch file.
sorry im still kinda learning stuff on this fone and i dont wanna have to pay for the APP again
It took Google two days, with an OS designed for multiple hardware configurations. Apple certainly could have put this together overnight, and, if they could not, that is a consequence of their own design decisions, and they certainly deserve to be called out for it.
If you haven't been using your iTunes regularly, you may have missed an Itunes update as well.
So that might have been what it was talking about.
Go into Itunes and check for update, and if found, applay that update first, then plug in the phone to see if it will update the phone software.
In fact, it doesn't even matter if most people skip it, because the mere fact that it was released and (presumably) works to prevent the sms attack will remove any incentive to try mass exploitation of this security flaw.
youre not understanding, theres a time differnece to prepare a patch vs compile a whole new OS revision. Difference in platforms, theres nothing you can do about it.
there is no citation, its common sense a whole mobile OS revision isnt compiled and released in a day without testing. Nor does coding take a day. Its a pretty common sense guess.
Book Mark this page:
Android experience suggests this takes two days, patch, test, and release. Done!
So assuming apple programmers are only 1/3 as smart as Google programmers it should have taken them no more than 6 days. Compile time: 3 hours, maybe 6 hours since they have to use Mac hardware. (My quad processor does a whole linux kernel compile in 1h:27m flat).
But if we assume the Apple programmers are top notch, as all the fanboys tell us, and we assume the Mac hardware is top notch (it just works), it means that: Go ahead: Prove me wrong. The data, sparse as it is, is on my side.
Citation was in the message you responded to.
It was deductive reasoning based on Android response time (2 days), vs Apple response time (6weeks).
Like I said: go ahead and prove me wrong.
Further proof Apple didn't even start working on this till Monday or later: http://www.reuters.com/article/technologyNews/idUSTRE56T5IT20090731
Yet, the exploit developers told Apple about this and showed then how to do it 6 Weeks ago.
you still arent listening. Theres a HUGE differnce between a small file for a patch and a WHOLE OS update. This is like compiling a 150kb security patch from Windows Update vs recompiling XP with the patch. Big time difference.
Second, youre quote proves nothing for time frame. It says they released the patch and how "quick after the demonstration" they did so. Says nothing about when they began working on it since by your own volition, theyve "known about it for 6 weeks"
There's a HUGE different between someone who runs large development organizations that deal with tons of products, schedules, releases, and you.
A small patch does not require an OS recompile, under anything other than a ridiculously contrived scenario (interface update to a library included directly by every other piece of the OS).
The fact that Apple can't figure out how to deploy patches, and instead chooses to re-flash the operating system for every fix is certainly their choice - but has nothing to do with "compiling" anything.
Your constant harping on how Apple has to "recompile" the whole OS, compared to Google - you're constant ignorance of the difference between 2 days and 6 weeks - really, you're just looking like a moron to those with a clue.
This patch is not to close that open window. It's to move the the whole window to another wall. Apple is not just going to walk away from remote control of said devices! They are also hiding behind an illegal user agreement to keep this "illegal right" to keep aforementioned open window into your device. Hence the great big pile of lies that is the latest official statement on jailbreaking. The only thing true on that whole list is that clever hackers can use a jailbroken iPhone to hack into things. The rest is lies!
Since you have to speak to people like a 15 year old and call them names your credibility has been ruined and nothing you say shall be taken with any hint of validity by me at this point.
Grow up and learn how to speak to people you disagree with instead of flaming like a little child
Show me ONE phone in the wild thats been hacked by this? NONE
So who cares, this isnt a pissing contest. They both were patched before ANYONE was affected. End of story.
First I've been in software development all of my adult life, so don't tell me how long it takes to fix two or three modules out of a system, re-compile that entire system, and make it available in binary form.
The time estimates I used were from real life experience with systems FAR larger than 280megs.
Over the years I've had to routinely applied custom patches to Linux SCSI tape drivers, recompiled the entire Linux kernel and driver stack to obtain a customized kernel, and distributed it to 13 sites via ssh. The entire process, start to finish, including coffee breaks, took less than 1 day.
Second, the "how quick we did it" self congratulatory back-patting by Apple is clearly, obviously, transparently, ass covering, carefully phrased for the mainstream press (and other gullible people) to hide the fact that they basically were FORCED into rushing out this new release by the announcement of the Black Hat conference presentation.
They CLEARLY didn't take it seriously. They CLEARLY dismissed the entire thing. If they had fixed it in a timely manner the presentation would never had taken place.
How do I know? Because they could have had this out a week after being told about it if they wanted to. Miller had reported the bug to Apple on June 1.
The fact that Miller and Mulliner are stand up guys, and Did the RIGHT thing by telling Apple ahead of releasing the methodology should be small comfort to any thinking person. Would the Russian mob or spammers have been so forth coming?
Security DOES matter.
You're the one who appointed yourself software development and distribution expert to school the forum about how OS's are "compiled" and delivered. Hence, you are the one making the assertions that need to be defended.
It does not take 6 weeks to compile a modern OS. A relatively fast desktop computer can build LFS or any other source-based Linux distribution in a matter of days, at most. OS X on the iPhone is much smaller.
OS's do not require a complete recompile to address a vulnerability in one part of the included application software. This is an elementary concept to anyone with experience in software design or development. You don't even need to be an OS expert.
Distributing a complete OS image for every minor patch is a (foolish and unnecessary) choice Apple made as a cop-out to building a real and robust patch management system.
The fact that Apple neglected to deliver a patch until after the exploit was demonstrated publicly, and they had egg on their face, is a relevant point - and is the real point behind this discussion, despite your desire to attack the strawman about "who was first."
I didn't call names, I characterized behavior. Your continued allegiance to bad information makes you look like a moron. Presumably you are not, so you are advised to educate yourself before continuing to chastise others out of ignorance.
Apple did not do the job. The job is "release timely updates to serious security exploits as soon as you become aware they exist."
The job is not "ignore serious security holes until knowledge of them becomes mainstream, and people are conducting seminars complete with demonstrations of how to hack your platform."
The fact that Apple did NOT "do the job" is the point of this discussion. The fact that Apple acted exactly like Microsoft in sitting on their hands until after their name was mud and they had to do SMOETHING to save face speaks volumes about their corporate ethic, and is the salient point of the discussion.
The AP News App was unusably SLOW. (so much so that its Push notifications were useless). Its MUCH faster now.
The Google Voice Search feature of the Google APP was totally BROKEN since OS 3.0. You could hold it up to your ear to speak into it, but it would never sound the tones or accept your spoken search terms. Gawd I missed that.
It too is fixed. (Google had stated on their help site that the bug was in OS 3.0, and not the Google App.).
There is more in this update than JUST the security patch.
Everything is where it should be and running smooth.
just like to whinge. No one was hurt, no one was hacked, the patch was fixed, Charlie Miller had another 5 minutes of dubious fame on the blogosphere. End of story. Yawn. Move on.
Charlie miller didn't just find the security flaw, he told them how to patch it. Apple didn't have to do any work at all to patch it. And the size of the file has nothing to do with it because it includes the whole OS not just the patch.
I wonder if Apple made some networking fixes as well.
did it really improve battery life or are you kidding?
The update gave me error 1602 and the iPhone locked up.
I was only able to reactivate from an Apple Mac computer.
And when I went to restore, I could not restore my application data. The applications reinstalled, but the backup apparently would not include the data. So now I am faced with a big setup process to get everything back like it was.
1) This specific issue is patched. Good.
2) It took six weeks from notification of this vulnerability for Apple to deliver a fix to their customers. Not so good.
Its always been this way, and it will probably remain so for the foreseeable future. Get over it.
The Good news is there is MORE than just the SMS fix in this release.
So Far I have found:
1 IM+ reconnects almost instantly. No grinding away and then popping up a failure notice.
2 The Google App which failed to work for Voice search unless you pressed the little mic icon now works again when you hold it up to your ear
3 Fring has stopped asking to use my GPS every minute
4 My wireless connections don't lose their passwords (yet anyway).
5 My wifi jumps on my local router way faster.
I can't see any battery problems either.
I think there were significant improvements to the TCP stack in this version.
Early adopters have found that redsn0w JB already works on 3.0.1 (just point it at 3.0 IPSW!) Even for 3GS & ultrasn0w.
I think it's ok that you come on TiPB and speak freely about your opinions this is "The iPhone Blog", not "The let's talk about why apple and the iPhone are so wonderful and amazing Blog".
There are SEVERAL THINGS WRONG with the iPhone and it's software but I STILL LOVE IT. if people never said anything about the negative side of things, nothing would ever be fixed. The only thing I don't like is when people talk smack about a blog, ON the blog. That's retarded. Debating is ok as long as it's intellectual and worth our reading time.
I suspect the update is the cause because everything worked fine before, and I only started having problems after I updated.
If you are in Canada and wish to find out about the status of this, call Rogers iPhone Technical Support and quote Master Ticket number WSFR11912
Anyone else notice this problem?!
On another note, it takes an average of 4 hours for my voicemail to arrive after a caller has left a message. Is anyone else experiencing such nasty lag times? Got any solutions?
Jailbreak is also just as straightforward with Redsn0w providing you have the 3.0 ipsw.
JT5: There is no way that an FM/AM "app" is possible. IPhone doesn't contain the necessary hardware ie a radio reciever.
Welcome to nfljerseys store.www.Nfljerseyshare.com