Page 3 of 4 FirstFirst 1234 LastLast
Results 41 to 60 of 63

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Huge Secuirty Flaw in firmware 2.0.1 and 2.0.2

  1. #41
    Quote Originally Posted by dale1v View Post
    I've seen the same response all over the net, and it annoys me: "it's not a big deal"
    It's a big problem. This phone is supposed to be approaching:
    Enterprise-ready.
    that means: Security please.

    For Average Joe, having the ability to access contacts and mail through unofficial means may not be a big deal to:
    Average Joe

    For an enterprise who send plenty of confidential emails to employees a day, or a businessman with clients contact details on his phone, having the ability to access private data like this is NOT ON.

    Of the millions of iPhone users globally, can we all really say (with confidence) that all of them will be Average Joe's and that all of them will be kind, pure and just? Please.

    I think some of us need to step out of "everything-is-happy-and-perfect-in-Apple-Land" and start looking at the circumstances and possible consequences of leaving gaps in software that take place in the Real World.
    Pffft. Your argument would be great if Blackberry's were much different. If someone is trying to steal your phone to get to your corporate data a quick search of the internet will introduce them to many many programs to accomplish the task.

    This pretty much just saves the theif from having to connect the phone to a PC.

    Moral of the story if you are a ENTERPRISE USER concerned about SECURITY then just maybe YOU should be careful with what YOU do with COMPANY PROPERTY.

  2. #42
    Quote Originally Posted by Muggz5 View Post
    Yeah I really dont see an issue with this. I dont know Id consider it a security breach either. I guess its really no more of a breach then leaving your wallet on the table and walking away. No one in the right mind would really do this, just as I dont leave this phone on my desk or if it left out its at home, and surely my wife wouldnt steal mine since she has one

    Although I think its informative and I did change it from my favorites to just the home screen as suggested. It also reminded me to turn off ipod controls, because nothing is more aggrevating than having the ipod run all day in my pocket because I accidentally somehow double tapped the home key. (which ive done a few times and drained my battery )

    Was this an attempt at a "back door" just in case someone forgot their password and they dont have to reload the firmware? ( I doubt it but it comes to mind) Or do they have ethical hacks that can get through that?

    Also is this extremely important person with these highly classified contacts addresses etc etc so easily available that someone who wants this info can get close enough to physically steal it? Why not instead of going through that much trouble just hack into their computer where they sync and steal it from their address book iTunes syncs to. You would certainly know about itunes if you knew about favorites and keys to get to those favorites.


    So again, this is why I say "its not that big of a deal"
    All enterprise employees (the BB users that Apple would like to convert over) use exchange or another form of push to device not only for convenience but security as well.

    Security is key in the business world. With the insane amount of espionage and foul play, one can never be too secure.
    Now Apple has incorporated remote deletion of sensitive data on the iPhone because it attempts to play into the business world where BB dominates (for very good reasons).

    Problem is that Apple's lack of experience in that field disallows them to think ahead in terms of security and base features.

    Fact is, iPhone's "Business+Security" gimmick was tacked on as an afterthought as it's more then obvious the device wasn't developed with enterprise in mind.

    Luckily, most people in need of enterprise features are smart enough not to get an iPhone.

    I still use my work BB and my Moto Q for all things work.
    iPhone to me is exactly what it was intended to be; iPod with a built-in phone....and as that, I really like it.

    @ qumahlin
    Cracking BB's security takes effort, a laptop and a cable. It also requires software.
    It also takes time. Enough time for the owner of the device to give his IT tech a call to whipe his/her phone remotely.
    That MUCH better then doing it from the phones own lockscreen!

    Everything can be cirmumvented but it seems that the iPhone is the easiest of them all.
    Last edited by Emir S.; 08-27-2008 at 05:48 PM.

  3. #43
    Retired Moderator one1's Avatar
    Join Date
    Sep 2007
    Location
    In my own little world
    Posts
    10,318
    Thanks
    349
    Thanked 1,180 Times in 730 Posts

    Quote Originally Posted by .:MirrorminD:. View Post

    Source: Major Security Flaw in 2.0.2 - Mac Forums and every other iphone news site and our own member RaMod
    ummmmm time stamp check please......http://www.modmyi.com/forums/general...rity-flaw.html
    Screw #Winning, I'm #Juanning
    iMac 27" i5 quad 2.8Ghz (1TB), MacBook Pro 17" 2.6, iPhone 4s

  4. #44
    Super Moderator dale1v's Avatar
    Join Date
    Sep 2007
    Location
    London, UK
    Posts
    3,786
    Thanks
    335
    Thanked 394 Times in 268 Posts

    Quote Originally Posted by qumahlin View Post
    Pffft. Your argument would be great if Blackberry's were much different. If someone is trying to steal your phone to get to your corporate data a quick search of the internet will introduce them to many many programs to accomplish the task.

    This pretty much just saves the theif from having to connect the phone to a PC.
    Quote Originally Posted by Emir S. View Post
    Cracking BB's security takes effort, a laptop and a cable. It also requires software.
    It also takes time. Enough time for the owner of the device to give his IT tech a call to whipe his/her phone remotely.
    That MUCH better then doing it from the phones own lockscreen!
    Was thinking that same thing
    [RIGHT][LEFT][IMG]http://lookpic.com/i/470/QsIbAobp.jpeg[/IMG]
    [/LEFT][QUOTE]Microsoft owns the internet through Hotmail. The .HTML is short for Hotmail, so all .HTML files are MS files.[/QUOTE][URL="http://twitter.com/dale1v"][SIZE=2][COLOR=Cyan][I]twitter.com/dale1v[/I][/COLOR][/SIZE][/URL]
    [/RIGHT]

  5. #45
    iPhoneaholic
    Join Date
    Mar 2008
    Location
    Dallas, TX
    Posts
    400
    Thanks
    48
    Thanked 47 Times in 43 Posts

    @ Emir:

    That is an extremely valid point and for the sake of not making my post longer I left it out. I guess when they have their weekly/daily marketing meeting it obviously was an idea put out on the table to "compete with BB and corporate needs"
    Thats why they (apple) are always going to play catchup in this area, when going against BB which was initially and specifically designed for the Corporate World first then wanted to expand their sales by going after the casual non business user. Same for Apple just in reverse.
    Which is why it took them 5 firmware updates before they made Exchange Server possible on the iPhone. The people however who need Mobile MSN and Exchange Server are still buying Palm and BB phones and not iPhone. I guess if they want some real insight on Business Enterprise and Security, hire a couple fellas from Cisco or like companies...

    Bottom line I upgraded to the iPhone from an iPod Nano and a Blackberry Pearl. Its (iPhone) entertainment and now becoming a side job for fun and a little extra cash. along with kick *** features while not on my computer at home or work. I love this mini laptop we call a phone but security isnt quite what you think about when an ipod excuse me iphone..
    Last edited by Muggz5; 08-27-2008 at 06:26 PM.

  6. #46
    security breach or not, this is a big deal. That being said, if you're that worried about security you should probly stay away from apple software in general. They don't have the best track record for being secure

  7. #47
    Super Moderator dale1v's Avatar
    Join Date
    Sep 2007
    Location
    London, UK
    Posts
    3,786
    Thanks
    335
    Thanked 394 Times in 268 Posts

    Quote Originally Posted by idolpunk View Post
    security breach or not, this is a big deal. That being said, if you're that worried about security you should probly stay away from apple software in general. They don't have the best track record for being secure
    uhhhhh.....
    [RIGHT][LEFT][IMG]http://lookpic.com/i/470/QsIbAobp.jpeg[/IMG]
    [/LEFT][QUOTE]Microsoft owns the internet through Hotmail. The .HTML is short for Hotmail, so all .HTML files are MS files.[/QUOTE][URL="http://twitter.com/dale1v"][SIZE=2][COLOR=Cyan][I]twitter.com/dale1v[/I][/COLOR][/SIZE][/URL]
    [/RIGHT]

  8. #48
    iPhoneaholic
    Join Date
    Mar 2008
    Location
    Dallas, TX
    Posts
    400
    Thanks
    48
    Thanked 47 Times in 43 Posts

    Quote Originally Posted by idolpunk View Post
    security breach or not, this is a big deal. That being said, if you're that worried about security you should probly stay away from apple software in general. They don't have the best track record for being secure

    umm ok.

  9. #49
    Im pretty sure this was always the case since the first iPhone came out!

  10. #50
    iPhone? More like MyPhone iRoach74's Avatar
    Join Date
    Feb 2008
    Location
    Cincinnati, OH
    Posts
    187
    Thanks
    91
    Thanked 1 Time in 1 Post
    damn! now i gotta switch my double tap home from iPod to favorites. i couldnt care less if people see my contacts and such but there is no way im letting anybody see all the homosexual music i have!

  11. #51
    lmao
    ___________________________________________

    ......epic

  12. #52
    iPhoneaholic
    Join Date
    Mar 2008
    Location
    Dallas, TX
    Posts
    400
    Thanks
    48
    Thanked 47 Times in 43 Posts

    Quote Originally Posted by iRoach74 View Post
    damn! now i gotta switch my double tap home from iPod to favorites. i couldnt care less if people see my contacts and such but there is no way im letting anybody see all the homosexual music i have!

    hahahahaha

  13. #53
    Green Apple Macboy67's Avatar
    Join Date
    Aug 2008
    Location
    Los angeles, CA
    Posts
    44
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Welp I guess I'm going to downgrade to 1.1.4 until this gets patched.

  14. #54
    i dont passlock my phone...if i lost my phone and some nice person wanted to give it back....how would they contact anyone if the phone is code locked...

    i dont see the point in password locks unless its a phone for business. i.e. if your company issued it to u for work use as well. Because if you lost the phone...odds are you wont be getting it back, passlock or not.

  15. #55
    iPhone? More like MyPhone
    Join Date
    Aug 2007
    Location
    Covina, CA
    Posts
    266
    Thanks
    38
    Thanked 11 Times in 10 Posts

    I feel you on that one man. Its a huge problem? No, you people are too sensitive! Like my man, no homo, said"

    Quote Originally Posted by ProfessorChaos View Post
    i dont passlock my phone...if i lost my phone and some nice person wanted to give it back....how would they contact anyone if the phone is code locked...

    i dont see the point in password locks unless its a phone for business. i.e. if your company issued it to u for work use as well. Because if you lost the phone...odds are you wont be getting it back, passlock or not.
    "!

    So stop cryin' and keep your eye on your precious little toy. If I happen to come up on an iPhone its a wrap! I'ma restore and keep that sucker. But if it doesn't have a passcode and I browse through it and some how I see that it is an honest person, I might just be happy enough to give it back!

    _______________________
    iGet enough exercise just pushin' my luck!

  16. #56
    has anybody noticed that once ur in the favorites you can access dock??

  17. #57
    Quote Originally Posted by dale1v View Post
    uhhhhh.....
    to a certain degree, he is correct. Much of Apple's so-called security is nothing more than its OS' not being an interesting enough target for hackers to waste their time on. Not because of some unhackable ingenious coding on the part of Apple software engineers.

    And they don't even try to keep their software from getting pirated at all.

  18. #58
    iPhone? More like MyPhone
    Join Date
    Oct 2007
    Location
    San Bernardino, CA
    Posts
    195
    Thanks
    33
    Thanked 11 Times in 8 Posts

    Quote Originally Posted by dale1v View Post
    I've seen the same response all over the net, and it annoys me: "it's not a big deal"
    It's a big problem. This phone is supposed to be approaching:
    Enterprise-ready.
    that means: Security please.

    For Average Joe, having the ability to access contacts and mail through unofficial means may not be a big deal to:
    Average Joe

    For an enterprise who send plenty of confidential emails to employees a day, or a businessman with clients contact details on his phone, having the ability to access private data like this is NOT ON.

    Of the millions of iPhone users globally, can we all really say (with confidence) that all of them will be Average Joe's and that all of them will be kind, pure and just? Please.

    I think some of us need to step out of "everything-is-happy-and-perfect-in-Apple-Land" and start looking at the circumstances and possible consequences of leaving gaps in software that take place in the Real World.
    I don't know where you got the "everything-is-happy-and-perfect-in-Apple-Land" garbage, but it certainly doesn't apply to me. There's lots of things I don't like about my MacBook and my iPhone, so no (I can make my fonts huge, too ).

    And really, if anyone is using the iPhone as their sole business phone, they're retarded. Plain and simple. Everything I've ever read, and everyone I've ever talked to says they have a Blackberry or some other smart phone for work, and then an iPhone for everything else. The majority of business workers know that the iPhone is still basically just a phone for the ignorant masses, it is no where near where it needs to be if people plan on using it as their sole business phone.

    So if you use it for work purposes, leave it on a table somewhere and it gets swiped and your information is stolen...that's your own damn fault.

    Quote Originally Posted by adrian1480 View Post
    And they don't even try to keep their software from getting pirated at all.
    Probably because no matter what kind of protection or encryption companies try to put on their software, a good majority (if not ALL) of it eventually gets pirated.

    Matt
    Last edited by DarkoNova; 08-28-2008 at 07:23 PM.
    WHITE 32GB Verizon iPhone 4 - 6.0.1
    Dual 1.2 Ghz G4, OS X 10.4.11
    2.2 Ghz MacBook, OS X 10.7.5
    69 Nova
    71 Duster


  19. #59
    Super Moderator dale1v's Avatar
    Join Date
    Sep 2007
    Location
    London, UK
    Posts
    3,786
    Thanks
    335
    Thanked 394 Times in 268 Posts

    Default I seem to have offended someone.
    I don't know where you got the "everything-is-happy-and-perfect-in-Apple-Land" garbage, but it certainly doesn't apply to me. There's lots of things I don't like about my MacBook and my iPhone, so no (I can make my fonts huge, too ).

    Quote Originally Posted by dale1v View Post
    I think some of us need to step out of "everything-is-happy-and-perfect-in-Apple-Land" and start looking at the circumstances and possible consequences of leaving gaps in software that take place in the Real World.
    DarkoNova, I didn't mention your name, so if it doesn't apply to you, move on.

    And really, if anyone is using the iPhone as their sole business phone, they're retarded. Plain and simple. Everything I've ever read, and everyone I've ever talked to says they have a Blackberry or some other smart phone for work, and then an iPhone for everything else. The majority of business workers know that the iPhone is still basically just a phone for the ignorant masses, it is no where near where it needs to be if people plan on using it as their sole business phone.
    I said approaching enterprise ready. Apple are trying to get their phone out into the big business world, and this issue is pretty serious. I still stand by my point. If you think people are retarded or not, you cannot speak for the millions of iPhone users out there, and neither can I, hence why in my penultimate line, I mentioned the word "circumstances".

    So if you use it for work purposes, leave it on a table somewhere and it gets swiped and your information is stolen...that's your own damn fault.
    I can give you a different situation if you want. Mugging, stalker, blackmail...
    Last edited by dale1v; 08-29-2008 at 03:18 PM.
    [RIGHT][LEFT][IMG]http://lookpic.com/i/470/QsIbAobp.jpeg[/IMG]
    [/LEFT][QUOTE]Microsoft owns the internet through Hotmail. The .HTML is short for Hotmail, so all .HTML files are MS files.[/QUOTE][URL="http://twitter.com/dale1v"][SIZE=2][COLOR=Cyan][I]twitter.com/dale1v[/I][/COLOR][/SIZE][/URL]
    [/RIGHT]

  20. #60
    Wow I think how all these points make no sense haha. I like the one that says if you concerened with what you have in your enterprise server maybe you shouldnt be doing it. Dude I work for the Cal state system and there is a lot of sensitive info being passed around. This may be a bug but its not that big of a deal. You yourself can fix it and it will be patched out simple as that this is a useless thread full of unfacillitated arguments which hold no actuall girth. The petty fighting stops now.
    Last edited by Nicholas Knight; 08-29-2008 at 03:35 PM.

Page 3 of 4 FirstFirst 1234 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •