iPhone update thwarts hacks

iPhone update thwarts hacks


New firmware disables SIM-hacked phones

Apple has released an update for the iPhone which effectively renders useless some of the devices unlocked by consumers over recent months.

The company had warned that an unapproved hack intended to allow the phone to operate on networks other than AT&T's could interfere with the iPhone's operations.

Users on several websites, including Gizmodo and The Unofficial Apple Weblog, are reporting that the update causes irreparable damage.

The iPhone offers an error message in some cases about an invalid Sim card, and users are unable to leave the error screen or revert the software. Inserting the original Sim card does not solve the problem.

The update also caused headaches for users who had performed a so-called 'jail-break' procedure to allow the iPhone to run custom applications. While the phones updated, most users reported that the installation locks were put back in place.

Many of the third-party applications were also removed from the phone, although some members of the Hackint0sh forum reported that the applications were merely hidden from the user interface but remained on the device.

The firmware update introduced a number of new features, including support for the new iTunes Wi-Fi store, which allows users to buy music direct from their iPhones, increased speakerphone and receiver volume, and a TV out capability.

IPhone users will also have the ability to disable Edge connections while travelling out of the US. The feature is a welcome addition as the iPhone regularly checks for new email messages and travellers have been confronted with huge roaming fees.

The update also plugged 10 security holes. Two of the fixes addressed information disclosure and unauthorised phone access vulnerabilities in the Mail application, while another patched a Bluetooth flaw that could allow remote code execution.

The remaining seven security fixes addressed the iPhone's Safari web browser. Three of the vulnerabilities could allow for cross-site scripting, two addressed JavaScript errors and two dealt with information disclosure vulnerabilities and unauthorised phone use.

Apple did not return requests for comment on whether any of the Safari flaws affected the Windows or MacOS X versions of the browser.