I’ve spoken (but not yet written) on this and think it’s worthy of posting to read:
Over the weekend, a new Web-based jailbreak became available for iOS devices, offering users a simple method to open their devices to installation of unauthorized third-party applications. An error in the processing of Compact Font Format (CFF) data within PDF files can be exploited to execute arbitrary code e.g. when a user visits a specially crafted web page using Mobile Safari.
This is applicable to any iOS 4 device (all new iPhone 4s, iPads and any upgraded iPhone 3G and 3Gs). On of the main features of iOS 4 was the SandBoxing approach to applications. This exploit bypasses the SandBoxing by exploiting a third party app. I have to say this doesn’t help Adobe’s popularity in Cupertino.
Time will tell if Apple will release a patch to iOS to resolve the issue or if Adobe will have to update their code. For the time being, the best advice is to browse “safely” (if that’s really possible anymore) or just not browse at all.
The Andriod exploit has a completely different twist on it. Spider Labs released a DVD at Defcon last week that provided a method to root the device. Once the exploit is applied the Android device acts as a bot for the hacker who has full remote-control over the device providing access to all the user information on it. What makes this more interesting is that Spider Labs is an ethical hacking team using this approach to incentivize manufacturer to provide a fix to the issue more quickly.
“It wasn’t difficult to build,” said Nicholas Percoco, head of Spider Labs, who along with a colleague, released the tool at the Defcon hacker’s conference in Las Vegas on Friday. Percoco said it took the team about two weeks to build the malicious software.
CNET reported that there were ten companies had data compromised. The list included Pepsi, Coca-Cola, Apple, and Google amongst others. All information was solicited through one phone call to an employee of the company.
************** UPDATE Aug 5th **********************
CNET has posted that Apple has acknowledged the issue and already have a fix. They did not mention when it would be released but a software update is imminent.
************** UPDATE Aug 11th *********************
Apple has released iOS 4.0.2 for iPhone and iTouch as well as iOS 3.2.2 for the iPad to address this vulnerability. Of course the a side effect to addressing this vulnerability is that it now breaks the functionality of JailbreakMe 2.0. Not that this should be a surprise.
Is anyone surprised that another company is planning to make a touch screen tablet?
Anyone surprised that Verizon wants a piece of this market?
Anyone surprised that Google is planning to use it’s Android platform for a larger touch screen device?
You shouldn’t be. Microsoft introduced a touch screen “tablet” device back in 2001. Many manufactures produced PDA’s of various form factors and eReaders have been around for at least a couple of years. Heck even Apple has been down this road before with the Newton in 1987 (yes, that’s 87). Even though it was 20 years later when Apple introduced the iPhone, there exist some similarities in the “look” of the platform.
Anyway, back to the iPad killer…
I still stand by my argument that we need this type of computing platform. (yes need) To expect other vendors to not enter this market space would be naive. How many new MP3 players hit the market after the iPod was released? How many other touch screen mobile devices have been introduced in the three years since the iPhone was introduced? So we should absolutely expect someone to want to compete in this market space. And that’s a good thing.
Apple has legitimized the market space for this type of device. While talking it down for years saying a complete and “user friendly” device did not exist, they managed to suppress the market with marketing and now have opened up that space. Lets we forget that Palm, the guys who really made the PDA popular, have had the WebOS which runs their Palm Pre device and now rumored to power the new HP Hurricane device (which may or may not successfully run Flash).
I will be interested to see the Android based device, as well as the WebOS device. I stick by my earlier article in that the platforms need to not only be intuitive, but must almost manage themselves for them to really take hold and displace any traditional device (laptop).
- GM introduces Ford truck killer!
- Cheese Cake Factory introduces Friday’s combo killer! (wait, I might like that)
- GAP introduces Levis jeans killer!
Get the idea?
At best I think it’s probably a good search engine technique vs an article title (heck, I’m giving it a try).
I guess it’s just a matter of being first to market or at the top of the market. One way or another you are a target and someone will be aiming for your spot. The odd thing is, this market has existed for years, it just no one outside the “geek” community really paid any attention to it.
Maybe all the Appleholics are right, you don’t really need it until Steve says you need it….
I haven’t had any real issues with AT&T and the iPhone. I’ve tried playing the lottery numbers and it’s not that I’m somehow lucky or more fortunate that others. Perhaps it’s because I don’t make that many phone calls and I’m mainly a data/sms user. Granted I’ve been in locations with “one bar”, but those coverage issues weren’t any different that any other carrier there.
Given the recent Android sales numbers (7% more sales for the market than iPhones in the last quarter), maybe Apple is looking for a competitive boost from this. However Apple is certianly paying attention to those sales numbers and what is really behind them. With all the buy-one get-one offers and reduced prices on Android devices, you would expect sales to be brisk. Imaging how many iPhones would be sold this quarter if AT&T released a $50 iPhone offer, buy-one get-one FREE? Yeah, we can only hope…