+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 27

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Here's Why You Should Update to iOS 7.0.6 if You Haven't Already

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
iOS 7.0.6 was released a couple of days ago with a fix for a really nasty SSL connection verification bug that could leave you susceptible to man-in-the-middle attacks on wireless
...
  1. #1
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    7,128
    Thanks
    217
    Thanked 1,044 Times in 766 Posts

    Default Why You Should Update to iOS 7.0.6 if You Haven't Already


    iOS 7.0.6 was released a couple of days ago with a fix for a really nasty SSL connection verification bug that could leave you susceptible to man-in-the-middle attacks on wireless networks from people with malicious intent snooping on your Web activity.

    Since SSL connection verification is commonly used in secure Web communication for Web sites like PayPal and other banking or money-handling Web sites, having this bug would have left you wide open to an inexperienced "hacker" that wants to listen in on your Web activity and steal information, or worse, money.

    The vulnerability affected many iOS devices on different firmware versions, and Mac OS X machines are also still plagued by the bug. While Apple released iOS 7.0.6 to fix the problem on iOS devices, they have not yet answered the Mac OS X community and are expected to in the near future.

    Notably, iOS 7.0.6 can still be jailbroken by evasi0n7, so if you haven't updated to iOS 7.0.6 yet, we would highly recommend that you do go through with the update so that you protect yourself from the nasty SSL connection verification bug. iOS hacker pod2g announced on Twitter yesterday that the bug can affect your security in Mobile Safari, Mail, Facebook, Twitter, and Messages among several other different kinds of applications:





    Pod2g also recommends updating to iOS 7.0.6 instead of installing some home-brew fix for the SSL connection verification bug, as this is ultimately the safest and most secure way to go about things.

    Since OTA (over the air) updating is disabled on devices jailbroken with evasi0n7, if you're already jailbroken on an earlier version of iOS, then you should download the update through iTunes. You should perform an iTunes backup of your iOS device to save all of your user settings and personal data before going through with the update, and you can right-click on your device on the left sidebar of iTunes and click "transfer purchases" to make sure that all of your apps, music, and other content gets transferred to your library.

    After you've backed up your iOS device and everything on it, you can then place your device into DFU mode and restore to the iOS 7.0.6 firmware you downloaded. Once the restore is finished, you can choose to restore your iOS device from a backup in iTunes, and you can select the backup you made prior to the restore.

    After your device is running iOS 7.0.6 and your settings, applications, and media have all been restored and synced, you can launch the latest version of evasi0n7 (version 1.0.6), which was released just yesterday with support for iOS 7.0.6, and you can jailbreak your iOS device and re-download all of the jailbreak tweaks that you had installed prior to updating your iOS device. Because you made a backup, all of your jailbreak tweak settings should all still be there and you shouldn't have to reconfigure them (I didn't have to for mine).

    For a guide on how to jailbreak your iOS 7.0.6 device, whether you're re-jailbreaking or jailbreaking your iOS 7.0.6 device for the first time, you can follow this link.

    If you plan on going through with the update, you should do so soon. iOS 7.1 is reportedly launching in the middle of March and it patches the evasi0n7 jailbreak. You should get yourself to iOS 7.0.6 soon so that you're not forced to upgrade to iOS 7.1 when it comes out. Once it's out, Apple won't sign iOS 7.0.6 anymore.

    Sources: pod2g
    Last edited by Anthony Bouchard; 02-23-2014 at 11:11 AM.

  2. The Following 6 Users Say Thank You to Anthony Bouchard For This Useful Post:

    bisayakid07 (02-23-2014), buggsy2 (02-23-2014), Jj2345 (02-23-2014), samsquanch (02-23-2014), xWalmartCandyx (02-23-2014), Zokunei (02-23-2014)

  3. #2
    Livin the iPhone Life KraXik's Avatar
    Join Date
    Mar 2011
    Location
    Winchester, UK
    Posts
    2,624
    Thanks
    2,671
    Thanked 1,754 Times in 891 Posts

    So if I only use secured wifi and 3G, I'm safe?

  4. #3
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    7,128
    Thanks
    217
    Thanked 1,044 Times in 766 Posts

    Quote Originally Posted by KraXik View Post
    So if I only use secured wifi and 3G, I'm safe?
    With any kind of wireless connection, you are at risk. No encryption is flawless. But unsecured Wi-Fi networks are one of the most common and vulnerable places that people get attacked at.

  5. #4
    Green Apple
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    59
    Thanks
    66
    Thanked 44 Times in 19 Posts

    I am still on 6.1 and will definitely NOT update, so is there a possibility to manually fix the bug on my phone in security.framework?

  6. #5
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    7,128
    Thanks
    217
    Thanked 1,044 Times in 766 Posts

    Quote Originally Posted by Lobi_Earl View Post
    I am still on 6.1 and will definitely NOT update, so is there a possibility to manually fix the bug on my phone in security.framework?
    Pod2g suggests that fixing the problem yourself or using third-party fixes is not a good idea. The best way to go about this situation is to update the firmware.


  7. #6
    My iPhone is a Part of Me buggsy2's Avatar
    Join Date
    Jun 2011
    Location
    Sacramento, California
    Posts
    501
    Thanks
    459
    Thanked 86 Times in 62 Posts

    The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

    After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.

  8. #7
    My iPhone is a Part of Me Jj2345's Avatar
    Join Date
    Aug 2010
    Posts
    505
    Thanks
    412
    Thanked 138 Times in 101 Posts

    I'd love to update but I'm getting a 2005 error code since I'm jailbroken,I'd have to edit my host file or something like that,which Never worked for me

  9. #8
    What's Jailbreak?
    Join Date
    Dec 2011
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts

    I updated as soon as I got the time to. I hate starting over (unless it's for an x.0 beta), but with this, I totally did it. I advise everyone to get this update and then maybe a VPN like Cloak or something for public wifi.

  10. #9
    My iPhone is a Part of Me politicalslug's Avatar
    Join Date
    Sep 2007
    Location
    Woodland Hills, CA + Santa Cruz, CA
    Posts
    579
    Thanks
    13
    Thanked 109 Times in 73 Posts

    It takes a whole day to transfer everything back to my 64GB iPhone. I'm really not looking forward to this update. Likewise on my 64GB iPad, but I can live without that for a day.
    They can have my jailbreak when they pry it from my cold dead fingers.

  11. #10
    Green Apple
    Join Date
    Aug 2013
    Posts
    73
    Thanks
    51
    Thanked 14 Times in 10 Posts

    Is this really worth all the trouble of backing up data, restoring, updating, and re-jailbreaking? Can't i just use a VPN for SSL Connections?

  12. #11
    Green Apple
    Join Date
    Mar 2011
    Posts
    55
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Exactly what I did as well. Hassle-free PKGBackup is great.


    Quote Originally Posted by buggsy2 View Post
    The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

    After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.

  13. The Following User Says Thank You to Fafner For This Useful Post:

    buggsy2 (02-23-2014)

  14. #12
    MMi Staff Writer Anthony Bouchard's Avatar
    Join Date
    Sep 2011
    Location
    Florida
    Posts
    7,128
    Thanks
    217
    Thanked 1,044 Times in 766 Posts

    Quote Originally Posted by xWalmartCandyx View Post
    Is this really worth all the trouble of backing up data, restoring, updating, and re-jailbreaking? Can't i just use a VPN for SSL Connections?
    Is it really a hassle though? It took me all of 1 hour to complete, and I did 3 devices.

    And I really think it's worth it. If you're going to fix it, it's always better to fix it right.

  15. The Following 2 Users Say Thank You to Anthony Bouchard For This Useful Post:

    buggsy2 (02-23-2014), samsquanch (02-23-2014)

  16. #13
    My iPhone is a Part of Me wolverinemarky's Avatar
    Join Date
    Feb 2009
    Posts
    687
    Thanks
    19
    Thanked 34 Times in 33 Posts

    Ugh I really don't want to unjailbreak and rejailbreak but sounds like it would be wise to so guess I will start the process

  17. #14
    My iPhone is a Part of Me buggsy2's Avatar
    Join Date
    Jun 2011
    Location
    Sacramento, California
    Posts
    501
    Thanks
    459
    Thanked 86 Times in 62 Posts

    Quote Originally Posted by politicalslug View Post
    It takes a whole day to transfer everything back to my 64GB iPhone.
    You must be restoring+updating your iPhone to factory condition in iTunes, then jailbreaking, then recovering from backup. In the first step do only the "Check for Update" not "Restore iPhone". The whole thing should take 1 or 2 hours, the shorter time if you use a Cydia backup app like PKGBackup.
    Last edited by buggsy2; 02-23-2014 at 01:25 PM.

  18. #15
    My iPhone is a Part of Me mlee19841's Avatar
    Join Date
    Aug 2009
    Posts
    996
    Thanks
    23
    Thanked 77 Times in 58 Posts

    Went smoothly. Wonder what 7.1 is going to be like.....

  19. #16
    Livin the iPhone Life steve-z17's Avatar
    Join Date
    Sep 2007
    Location
    Utah
    Posts
    2,239
    Thanks
    91
    Thanked 141 Times in 121 Posts

    Thank you Anthony for this important information. I will update right away.

  20. #17
    iPhoneaholic
    Join Date
    Dec 2010
    Posts
    308
    Thanks
    114
    Thanked 34 Times in 26 Posts

    PkgBackup is a savior

  21. The Following User Says Thank You to bisayakid07 For This Useful Post:

    buggsy2 (02-23-2014)

  22. #18
    iPhoneaholic
    Join Date
    Mar 2008
    Posts
    398
    Thanks
    0
    Thanked 19 Times in 16 Posts

    hackers can look at my iphone all they want. I never put personal or critical info in my phone anyway. I don't have the patience to do everything all over again specially with 7.1 looming.

  23. #19
    Green Apple
    Join Date
    May 2010
    Posts
    52
    Thanks
    0
    Thanked 6 Times in 6 Posts

    Quote Originally Posted by swifty7 View Post
    hackers can look at my iphone all they want. I never put personal or critical info in my phone anyway. I don't have the patience to do everything all over again specially with 7.1 looming.
    Exactly…if hacker wants to see my text to Wifey, asking what grocery items are needed from Stop and Shop, then by all means, look all you want!! haha

  24. #20
    What's Jailbreak?
    Join Date
    Sep 2012
    Posts
    25
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Many apps/tweaks I had on 7.0.4 don't seem to work on 7.0.6 or I can't even find on my sources (MultiIconMover+).
    Now did I miss something here or developers have to release a compatible version of their apps to work with 7.0.6?

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts