11/07/2008, 8:00pm, EST
Friday, November 7th
iPhone video bug posted, discovery disputed
Piergiorgio Zambrini, or "Zibri" as he is known on the web, has posted a video on his blog that apparently causes the iPhone to crash. Zambrini -- known for his iPhone jailbreaking software -- tells MacNN he discussed the problem with Apple, and offered help fix it for a fee. The company turned him down. Zambrini says he decided to publish the video so "Apple will be free to work on a fix." The news comes as his claim to have been the one who discovered the bug is being disputed.
Zambrini first publicly announced the issue in an interview with Forbes.com. The report said Zambrini had "outsmarted Steve Jobs," by figuring out a way to crash the iPhone. That didn't sit well with UK software engineer Si Brindley, who tellsMacNN he actually discovered the problem back in February, and told Zambrini about it in an IRC conversation back then. Brindley claims that Zambrini essentially stole his discovery, and decided to publicize it now to generate traffic for his blogs. Zambrini's decision to post the suspect video came during an e-mail discussion with MacNN.
Zambrini says he doesn't recall exactly where he first learned of the video but does not remember Brindley telling him about it, although he admits it might have been possible. Zambrini says the podcast video was probably noticed by a number of users at the time and he questions why Brindley didn't write about the bug himself back in February. Zambrini says the important thing is that the problem is serious and can affect applications on PCs and Macs as well as the iPhone.
Brindley agrees that the bug needs to be investigated. He says reports that the bug had been fixed in the latest iPhone firmware version are false, and that the video can still crash iPhones and other software. Brindley says didn't speak out about the problem because engineers he consulted with asserted there was no apparent security risk, so he considered it merely a curiosity. Brindley did, however, add a brief post to the Open Source GSM Blog in February detailing the problem.
While it not may seem like much to the average person, in the world of electronics vulnerabilities, the discovery of a major software bug is a big deal, and Brindley says he wants to set the record straight. Brindley claims it was he, not Zambrini who downloaded and edited the version to various lengths, shortening it to the point where a crash no longer occurred. Brindley also points out that the original video, Toy Museum is still available as a podcast download from Four Docs.
, 
, 10
, 
, 
, 
, 
, 
, 
Top
subscribe to comments
for this article
Zibri is a thief
and there is no doubt about it. One can go one for sometime being a copy-cat but in this world of information being taken seriously every step is analyzed. Zibri has not jailbroken the iPhone. He merely stole it once and now he is claiming to have "found" a bug which may have been told to him. What the f*&^%?
Be straight and own up that you did not Zibri. Please learn the ways of being a true hacker.
Zibri
Somebody once called him a "whining emo idiot" or something like that. I couldn't agree more. What a sad little dumbass.
Hacking not required...
You don't need to hack anything. All you need to do is use Safari on the iPhone. Any sort of web interaction - such as filling in fields in forums - will often crash my Safari. Sometimes, so hard, the phone needs to be reset.
If Apple can't get a web browser that's stable on the iPhone, they should allow someone else to provide one.
But this is a BIG bug
This is a bigger bug than the crash of Safari. If the whole OS crash it's because this is a kernel bug, and any1 who exploit may be can get root privileges.
What a c-word
So, is this blackmail? Sure sounds like it. Attempting to extract money via threats at least.
Does anyone really think an iPhone can never crash? It's only a computer people, not the second coming.
Hi app
I don't know if he's a copycat or not but I know that his ZiPhone app to jailbreak and unlock the 1st gen iPhones were the best of the bunch.
Pay me to fix it for you?
He's not an employee of Apple, and Apple does not employ contract programmers or outsource programming. Each line of code in every Apple product is either pre-existing in BSD or was written by an Apple employee.
He's a tool to think that Apple would pay him contractor's fees to fix a problem. You gotta be an Apple employee in order to code for Apple's programs, bud.
Re: Pay me...
OK, that's nice. He offered to fix it, they said no. What's your point? That he should know that Apple doesn't use a single contractor to work on any line of code in the software?
And you are incorrect to say every line of code is written by Apple. Apple uses a LOT of open source code in OS X. And the underpinnings are part of Darwin, also open source. And lest we forget webkit.
But more importantly, the bug affects PCs and Macs, as well as iPhones. And the previous MacNN article says "The vulnerable code library is common to Apple operating systems and several Linux systems."
Since Apple doesn't write for Linux, I would assume that the library in question is more public than "Written by Apple".
Speeling mistaks
Honestly, who proofs this stuff?
"the one to discovered the bug is being disputed."
"an news interview with Forbes.com."
"Toy Museum is still avaiulable as a podcast"
Is the author of this article drunk?
Nope
"the bug affects PCs and Macs"
The "bug" doesn't show up in either 10.4 or XPsp3. What is your rationale for that statement?