iPhone OS 3.1 now available, fixes security vulnerabilities
updated 03:50 pm EDT, Wed September 9, 2009
Security issues fixed in latest iPhone firmware
The latest iPhone firmware, announced during Apple's music-themed media event, addresses a variety of security vulnerabilities. Previous releases had allowed unauthorized use of a device after a timeout period configured by an Exchange administrator. The system now disables any "Require Passcode" values greater than the maximum inactivity time lock setting, eliminating the time gap.
Another fix prevents Spotlight from accessing messages in a Mail folder after they have been deleted. The company has corrected a CoreAudio bug that allowed maliciously crafted AAC or MP3 files to execute arbitrary code.
Previous releases also allowed unauthorized users to bypass the passcode on a locked device and gain access to data, while a UIKit bug briefly showed password characters as they were deleted. The v3.1 firmware addresses several WebKit vulnerabilities, ranging from password disclosures to numeric character references.
The firmware update is available for the iPhone or iPod touch and can be downloaded through iTunes. iPhone owners can update for free, while the firmware costs $5 for the Touch.
WTF???
09/09, 04:40pm reply
The firmware update is available for the iPhone or iPod touch and can be downloaded through iTunes. iPhone owners can update for free, while the firmware costs $5 for the Touch.
According to Macintouch, it's only $5 for those not already running v3.0 of the OS.
And is it an OS or firmware? I wish they'd make up their mind.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
Oh
09/09, 04:48pm reply
And apparently Apple has decided to s**** over the early adopters. I guess the 3.1 update from 2.0 is only worth $5 now? Learn a lesson here. Don't rush out and update. Wait until Apple decides to drop the price.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
Why not both?
09/09, 04:54pm reply
"And is it an OS or firmware? I wish they'd make up their mind. "
No reason it can't be both. And, in this case, it is. The firmware I work on uses Linux as the OS. Apple just has their own OS that they use in their iPhone firmware.
zz5555
Fresh-Faced Recruit
Joined: Feb 2007
I also was screwed
09/09, 05:15pm (1 reply) reply
Yep,
I paid the $20.00 as well to go to the 3.0 version and now folks can go to 3.1 for $5.00. Where is my iTunes credit (or the equivilant) Apple?
I have read this before that the Touch cannot get the update for free because of legal issues...YET Apple has never explained these "legal issues" ... we are just supposed to trust them...because they are nothing like MS.
While my iPhone is nice as a smart phone, and I use it quite often, my music playback will be provided by a dedicated player...and it won't be this intentionally nerfed iPod Touch. I am so disappointed by this yearly update.
I guess I will look at the Sony x-series or the Zune HD for music playback...and I shouldn't have to. I should be able to buy a Touch with the same features as the iPhone, sans the phone part.
Boo Apple Boo.
lamewing
Forum Regular
Joined: Aug 2004
Re: You shoud read more
09/10, 12:02pm reply
You claim that Apple has never disclosed why iPod Touch users pay for upgrades, yet with EVERY_SINGLE_RELEASE it has been thoroughly explained. It has to do with accounting. Apple counts all monies made from iPod Touches as a 1 time deal which requires that no new functionality be added without charging for it. All monies from iPhones are counted over a 2 year period, hence no upgrade cost.
Um, Apple doesn't explain this. Others explain it. But it isn't like Apple has an asterisk on their sales page explaining this.
But it doesn't explain two other things.
One: Why is the price now $5? It was $10. Is the value added now different than the value added then?
Two: Why don't owners have to pay for v3.1? v3.1 adds features that weren't there before (genius for apps). Or arent these additions worth anything?
testudo
Fresh-Faced Recruit
Joined: Aug 2001