×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

iPhone 3.0 Update Delivers Prodigious Patch Batch

timothy posted more than 4 years ago | from the switched-housemate's-iphone-to-danish dept.

Portables (Apple) 150

CWmike writes "Apple patched 46 security vulnerabilities in the iPhone and iPod Touch, half of them in the Safari browser and its WebKit rendering engine, as it released iPhone OS 3.0 on Wednesday. One of the patched WebKit vulnerabilities stands out because of the attention it received in March, when a German college student, Nils, walked away with a $5,000 cash prize for hacking Safari at the Pwn2Own challenge. Nils used a bug in WebKit's handling of SVGList objects to crack Safari."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

150 comments

Frist Pist! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#28379515)

Boo ya!

First!! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#28379563)

First Post!!!

Re:First!! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#28379785)

LOL you miserable failure! MY frist pist is so much frister than your pathetic attempt!

Loving it so far (0, Offtopic)

BlueBoxSW.com (745855) | more than 4 years ago | (#28379651)

Had the dev version on the phone which was great, but at one point bricked my phone.

I've never seen a portable device add so much functionality on a regular basis.

But the real question is... (2, Insightful)

abshack (1389985) | more than 4 years ago | (#28379751)

Does it support copy & paste?

Re:But the real question is... (2, Insightful)

mwvdlee (775178) | more than 4 years ago | (#28379829)

$5000... you couldn't hire a security expert to do the same work for that little money.

Re:But the real question is... (1)

sexconker (1179573) | more than 4 years ago | (#28381481)

Nor could an insecurity expert do the work.

They'd take $5000 and hold a contest to get some kid to do it.

Re:But the real question is... (0)

Anonymous Coward | more than 4 years ago | (#28381779)

$5000... you couldn't hire a security expert to do the same work for that little money.

If he already had it through other work then the effort is a sunk cost already. Might as well use the contest to get your name in the press for advertising purposes (and get some nice kit).

Re:But the real question is... (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#28379833)

Yes.

Re:But the real question is... (3, Funny)

Captain Splendid (673276) | more than 4 years ago | (#28379839)

Yep.

Pays to RTFA, eh?

Re:But the real question is... (0, Funny)

Anonymous Coward | more than 4 years ago | (#28380565)

Fuck you. I went and RTFA just because you said that and nobody paid me anything. You lie.

Re:But the real question is... (2, Funny)

dimeglio (456244) | more than 4 years ago | (#28380907)

Real iPhone users don't need copy and paste. So the feature is irrelevant.

Re:But the real question is... (1)

AmigaMMC (1103025) | more than 4 years ago | (#28381475)

Why is the above modded a Troll? iPhone OS2 does not support Copy & paste so this is a legitimate questions. His intent might be to flame a bit, but the question remains legitimate. Let's not just mod people down just because we don't agree or because we're fanboys of this or that brand.

Re:But the real question is... (0)

Anonymous Coward | more than 4 years ago | (#28381601)

Yeah, actually it does now troll.

I am disappointed! (2, Interesting)

hansraj (458504) | more than 4 years ago | (#28379803)

Frankly I don't know what all the hoopla about iPhone OS 3.0 is about. I was hoping to use compass with google map after the update on my iPhone 3G, but all I got was a lousy voice-memo software.

And before anyone points out that iPhone 3G didn't have compass built into the hardware - It is supposed to be apple! I expect nothing sort of miracles from Steve Jobs!!

On a serious note, tethering was supposed to be there without the need to jailbreak your phone, but it is not available in US, and it is not available in Germany. Could someone tell me where it is available? Phone companies are the scum that are only slightly worse than the music industry.

Re:I am disappointed! (4, Informative)

alannon (54117) | more than 4 years ago | (#28379935)

Rogers/Fido in Canada, surprisingly, will allow tethering.

Re:I am disappointed! (1, Informative)

Anonymous Coward | more than 4 years ago | (#28380415)

Correct about Rogers/Fido in canada - just watch your bandwidth usage to avoid $50k bandwidth bill.

Re:I am disappointed! (3, Informative)

Xocet_00 (635069) | more than 4 years ago | (#28380989)

I found this [rogers.com] earlier today indicating that Rogers will allow anyone with a 1GB or greater data plan to tether. I called them to confirm and I am in fact allowed to consume bandwidth right up to my 6GB cap, same as if I was consuming the bandwidth on the phone itself.

The really surprising thing is that it's automatic. I didn't have to get them to turn anything on in my account. I simply turned it on in the Network Settings page and was able to tether my Windows 7 laptop and a friends Macbook Pro over both Bluetooth and USB without issues and, even more surprisingly, without iTunes installed (on the Win7 machine).

Bandwidth was around 3Mbps down and 0.3Mbps up, with a minimum ping of around 150ms, tested on multiple servers using Speedtest.net. This is in the middle of Halifax, NS.

Re:I am disappointed! (1)

sexconker (1179573) | more than 4 years ago | (#28381523)

"As if I was consuming the bandwidth on the phone itself."

Have they gotten to the point where they have actually tricked you into thinking there's a difference?

You ARE consuming the bandwidth on the phone itself.
The phone happens to be relaying the data to a PC. So what? My old phone and $30 AT&T unlimited plan from over years ago does this (over USB instead of WiFi, but given the choice I'd use USB anyway).

Re:I am disappointed! (5, Insightful)

vux984 (928602) | more than 4 years ago | (#28381983)

Have they gotten to the point where they have actually tricked you into thinking there's a difference?

There is a difference. Its subtle, but important. But its not a technical difference it has to do with with service levels, over selling, marketing, and pricing. But that doesn't mean its any less "real.

Essentially, when they give you a 6GB data plan they are overselling their capacity. They know this. I know this. And now you know this. Its not a secret, its not 'teh evil'. If -everyone- used 6GB every month they'd be unable to deliver the service reliably at that price.

Hi end users are subsidized by low end users. Low end users are happy that they have 6GB and don't have to worry about bandwidth everytime they check their email. The carrier has a good idea what the distribution of users is, and knows that it can offer 6gb for $30 bucks, overselling what they can actually deliver at that price, but secure in the knowledge that the mathematical models of their customer's usage patterns virtually gaurantee they won't have to.

But that all assumes no tethering. Its a no brainer to sell 'unlimited data' to a blackberry user a couple product cycles back-- the thing only did email really well, and web browsing poorly. Add in tethering, and suddenly a sizeable chunk of customers on unlimited go from 'low/moderate' usage measured in the kilobytes per day to super-users in the 10s of megabytes per day. Someone that historically only checks his email on his device, getting the odd document, or mp3... well now he now downloading his operating system service pack, virus software update, while watching youtube.

The mathematical model changes. Bottom line: if they allow tethering, consumption goes up sharply for a significant group of consumers. They need to deliver more total bandwidth. That additional capacity costs more to supply and maintain. So they need to charge more for it.

And so we have 'no tethering' in some areas or 'tethering feature' charges in other areas. As as we move forward, the devices become more powerful, and its actually possible to use significant bandwidth on them, but even now, bandwidth usage per unit for untethered use is an order of magnitude lower than what tethered users use.

The carriers fear they would be unable to deliver reliable service at that level at that price point with wide spread tethering. So they're beign cautious about it, and looking to tier the service so that people who need it pay for it.

A final word out to those who despise over-selling and thing the ISP shouldn't do it. Shut the hell up. We, the /. power users, benefit from over selling the most. Its our usage that is subsidized by the low end users. Its because of overselling we can get 6GB for $30 in the first place. If they got rid of overselling the prices we'd pay would shoot sky high, and we'd all pay by the megabyte or some other metering right from the first byte. That would suck.

That's not saying that ISPs are angelic entities looking out for us, but overselling is good business that generally benefits the consumer with lower prices and services offered in a form that we like (I want a 6GB plan more than a plan that charges me 1$ per MB. Over selling and makes efficient use of the available resource...it a case of the free market actually working.

Re:I am disappointed! (0)

sexconker (1179573) | more than 3 years ago | (#28382757)

Uh, no.

You use your phone to access the internet over the cellular network.

Whether or not your phone then communicates with your PC or other devices makes no difference. At all.

Re:I am disappointed! (4, Insightful)

vux984 (928602) | more than 4 years ago | (#28383713)

Uh, no.

Uh. Yeah.

You use your phone to access the internet over the cellular network.

Thank you captain obvious.

Whether or not your phone then communicates with your PC or other devices makes no difference. At all.

Actually read my post before you reply. There is no technical difference. But in terms of the business model to support it they are worlds apart.

Take a salad-bar, its the same situation. A single person can't really eat that much food, so I can offer him unlimited food for a fixed price, and make money by pricing it above what the average person will consume.

If people walk in and start expecting to 'tether' and feed their whole family off that one price, that's a game changer. I can't run an unlimited salad bar at that price anymore. The average amount consumed per "plate sold" has gone WAY up.

Similiarly, with a data device, there's really only so much data a single handset will consume. They are still mostly used for email and small files. So you can give people lots of bandwidth for a fixed price above the average cost and make money. If people start tethering, where they suddenly are using a lot more average bandwidth than before, then the pricing is no longer valid. They need to raise the rate, or charge for tethering, or block tethering, or something in response.

Re:I am disappointed! (1)

ChronoC (673301) | more than 3 years ago | (#28382759)

http://www.wired.com/epicenter/2009/04/congressman-to/ [wired.com] I don't think they're hurting for money. Download caps and the price per GB we pay far exceed their costs.

Re:I am disappointed! (5, Interesting)

vux984 (928602) | more than 4 years ago | (#28383749)

Download caps and the price per GB we pay far exceed their costs.

for what its worth, cellular networks -- the topic at hand, are a completely different ballgame vs broadband. A few dozen people streaming movies can saturate a cell site that can normally support thousands of voice calls.

Re:I am disappointed! (1)

mario_grgic (515333) | more than 4 years ago | (#28381865)

Tethering does not work for me. I get a message to contact Rogers about tethering on my iPhone when I try to enable it in the network settings.

Don't fret (1)

Xocet_00 (635069) | more than 4 years ago | (#28382083)

Originally I was getting this message as well, which is why I called them in the first place. The techs told me that they were enabling the feature gradually (pushing some sort of update to the phone?) and that it would be available nationwide tomorrow (Friday).

Re:I am disappointed! (0)

Anonymous Coward | more than 3 years ago | (#28382789)

Either in the Netherlands T-mobile doesn't allow tethering.

Re:I am disappointed! (5, Informative)

Nixoloco (675549) | more than 4 years ago | (#28379987)


If you have AT&T in the US, you can enable tethering and MMS without jailbreaking. It is pretty convoluted process, but it works. This isn't Apple's fault though, but AT&T's.
http://www.krillr.com/blog/3DPQHBZ3/i-have-tethering-and-mms-on-my-iphone-and-yes-im-on-att [krillr.com]

Re:I am disappointed! (2, Informative)

thePowerOfGrayskull (905905) | more than 4 years ago | (#28380385)

Just be careful - actually doing so and getting caught at it is a violation of your TOS.

Re:I am disappointed! (5, Interesting)

sexconker (1179573) | more than 4 years ago | (#28381535)

What are they going to do? Stop taking your money every month?

Re:I am disappointed! (2, Funny)

jo42 (227475) | more than 4 years ago | (#28381827)

They'll use it as an excuse to take even more of your money every month. Don't want that now, do we?

Re:I am disappointed! (0)

Anonymous Coward | more than 4 years ago | (#28380407)

It's pretty simple, I'm not sure why you think it's convoluted.

Here's the instructions for tethering
1) go to a link in safari on the phone
2) turn on tethering.

Here's MMS
1) go to the same link
2) pull out sim
3) put in MMS capable phone
4) go to attmobile.com
5) change text plan from iphone to a regular Messaging plan
6) put sim back in iPhone

I am NOT disappointed! (1)

Eggz Factor (455382) | more than 4 years ago | (#28380483)

If you have a data plan of 1 gig per month or better, tethering data comes out of your regular monthly allowance - no extra charge. I must say that this was a pleasant surprise. The fine print in the agreement is that Rogers / Fido may rethink the current arrangement in the new year after assessing the actual hit to the network that tethering may or may not incur.

Fingers crossed...

Re:I am disappointed! (0, Redundant)

someonehasmyname (465543) | more than 4 years ago | (#28380645)

Dude, just jailbreak, already. How can you be a /. member and resist the urge to pwn your phone?

Jailbreaking doesn't void anything. I bought a 3G 2 weeks before the 'new model' was 'leaked', and broke it within an hour. Then 2 days before my 30 day 'tryout' was over, I backed it all up, restored it to default non-jailbroken firmware, and returned it 'because it sucked'. Then I went back to the store to preorder the day the 3GS was announced.

My 3GS will be here in a few days, and it gets broken immediately as well. You're missing out on so much good stuff.

You could prevent the lock screen from showing private sms and call data, tethering works over usb or ad-hoc wifi, springjumps+iblank rocks. my home screen icons all jumped to pages of categories laid out how I wanted them, different keyboard layouts (iTypeFastR, BB Storm, etc), being able to install themes/ringtones, BossPrefs, Folders to hide pron! (or password lists, etc.), Docs, NES, SNES4iPhone. I was 1/2 done with Link to The Past on my iPhone when I had to take it back. :(

Re:I am disappointed! (0)

Anonymous Coward | more than 4 years ago | (#28381229)

T-Mobile in Netherlands is tolerating it because they simply can't stop it. The standard iPhone rate includes all traffic (starting at 30 euro a month with 150 minutes+150 sms). Here is an easy way in dutch [iphoneclub.nl] how to set up tethering. Here's the article [webwereld.nl] about the tolerating, also in dutch. ;-)

Re:I am disappointed! (1)

scorp1us (235526) | more than 4 years ago | (#28381285)

And before anyone points out that iPhone 3G didn't have compass built into the hardware - It is supposed to be apple! I expect nothing sort of miracles from Steve Jobs!!

Why not use the difference of GPS coordinates to determine the last direction walked and use that to orient your google maps/compass?

Re:I am disappointed! (1)

thedirektor (737523) | more than 4 years ago | (#28381903)

Because that kind of "compass simulation" is a major PITA.

It doesn't even work that good in a car, where you travel at far higher speeds, so the system will get way better datapoints for a far better projection.
When you are on foot it will take quite a distance until you pick up enough good datapoints so that it is meaningfull.

And it would be most usefull if the map on your mobile is just oriented correctly, and when you turn hold your mobile the map is now correclty oriented again. Thats completely impossible using GPS.

Re:I am disappointed! (3, Insightful)

mdwh2 (535323) | more than 4 years ago | (#28381423)

Phone companies are the scum that are only slightly worse than the music industry.

Certain companies with certain phones may well be. My phone Just Works on tethering and other things without the need to jailbreak anything :) (I didn't even know it had a special name like "tethering" to be honest - I just thought it was something that worked as standard out of the box with any phone. There's nothing special about my phone, it's just a commonly available cheap bog-standard one.)

Re:I am disappointed! (0)

Anonymous Coward | more than 4 years ago | (#28381671)

you mean like this? http://reviews.cnet.com/8301-19512_7-10265889-233.html

enable tethering, no jailbreak required. Do NOT do what the article says, instead read the comments. Worked for me!

Re:I am disappointed! (3, Funny)

PopeRatzo (965947) | more than 4 years ago | (#28382201)

Frankly I don't know what all the hoopla about iPhone OS 3.0 is about.

With the release of 3.0, Apple has once again revolutionized the entire realm of interpersonal communications using technology and have put the rest of the computer industry on notice that things are transformed forever.

Their accomplishment?

Patches.

I'm telling you, the iPhone is the Chuck Norris of high-tech fashion accessories. Everything that Apple does in regards to the iPhone is "revolutionary", "game-changing", and "transformative".

Patches...

Re:I am disappointed! (0, Troll)

tyrione (134248) | more than 3 years ago | (#28382515)

Not going to point out that you're just being a dick for no reason. Nope. Won't bother to do so.

Re:I am disappointed! (0)

Anonymous Coward | more than 3 years ago | (#28382799)

It works on my phone here in Canada
~ tested on both Rogers and Fido

Re:I am disappointed! (1)

RedWizzard (192002) | more than 4 years ago | (#28384081)

On a serious note, tethering was supposed to be there without the need to jailbreak your phone, but it is not available in US, and it is not available in Germany. Could someone tell me where it is available? Phone companies are the scum that are only slightly worse than the music industry.

Works in NZ. Very nice via Bluetooth!

Well that's just fantastic (5, Interesting)

keeegan (1526067) | more than 4 years ago | (#28379813)

But when are they going to patch these security flaws on my 2.1 ipod? Paying for an update is ridiculous, especially when it fixes critical security flaws. I sure hope apple does the right thing.

Re:Well that's just fantastic (2, Informative)

Captain Splendid (673276) | more than 4 years ago | (#28380083)

Paying for an update is ridiculous

If you feel that strongly about it, go torrent the firmware. Not that hard to do.

I sure hope apple does the right thing.

You must be new here.

Re:Well that's just fantastic (0)

Anonymous Coward | more than 4 years ago | (#28380185)

You knew when you bought it that you'd have to pay for upgrades. Don't pretend that you "thought" they'd give you free updates if those updates included some security fixes. You're not that dumb and we all know it.

Re:Well that's just fantastic (1)

keeegan (1526067) | more than 4 years ago | (#28380409)

No, I just "thought" they wouldn't leave me hanging when there were fixes for serious security flaws.

Re:Well that's just fantastic (2, Interesting)

Hel Toupee (738061) | more than 4 years ago | (#28380249)

I have a first generation iPod Touch. It says on the back of the box that software bugfixes are free for life. I'd post a link to google images, but noone's managed to get a picture of the back of the box, go figure.

Re:Well that's just fantastic (0, Troll)

njfuzzy (734116) | more than 4 years ago | (#28380579)

It's entirely possible that an updated 2.X version will come out, later, incorporating fixes. Apple often does that with the Mac OS. (I'm not sure why you're expecting backpatches to be instantaneous.)

Shows the closed development of Apple these days (-1)

Anonymous Coward | more than 4 years ago | (#28380343)

If Apple wasn't so hard on itself on the DRM scene, then they would have these embedded computers behaving more than their ellusive handprint has effected; they should have a modular patch system that doesn't break any existing applications and development. You'ld think Apple would have learned from the success of OSX Liger edition, but instead they are trying to keep it all bottled-up with DRM'd precision so they don't have a developmental moving target (so to speak). It's only a matter of time before Richard Matthew STALLMAN [anonymouse.org] vents his pretended frustration to call for unity in this feudal tenancy of copyright GPL'd software to make a special half-ass distribution for iPh1ne and ickeePod.

Re:Well that's just fantastic (0)

Anonymous Coward | more than 4 years ago | (#28380443)

Apple a doodley always does the right thing man!

Re:Well that's just fantastic (4, Informative)

Anonymous Coward | more than 4 years ago | (#28380627)

Go ahead and search Google for the following string, it contains the patches you requested: iPod2,1_3.0_7A341_Restore.ipsw

Re:Well that's just fantastic (3, Informative)

Anonymous Coward | more than 4 years ago | (#28384229)

iPod1,1_3.0_7A341_Restore.ipsw for a first generation

Re:Well that's just fantastic (1)

zaajats (904507) | more than 4 years ago | (#28380817)

But when are they going to patch these security flaws on my 2.1 ipod? Paying for an update is ridiculous, especially when it fixes critical security flaws. I sure hope apple does the right thing.

Sure, paying for a security update alone is a bit strange, but really — it's only $10 and gives you so much more. Besides, it's not like your iPod has been taken over by viruses due to the bugs.

Apple charges 'by law' - Sarbanes-Oxley act (1, Informative)

RudeIota (1131331) | more than 4 years ago | (#28384291)

I know... this doesn't change the fact they charge for iPod firmware updates -- and Apple's reasoning is certainly open to well-deserved criticism -- but they lay the blame squarely on the Sarbanes-Oxley act [kateva.org].

From what I understand, SOX is a law that intends to make public companies more accountable to share holders. Apple has interpreted SOX in such a way that it feels as though it *must* charge for updates which unleash new features that substantially increase the potential value of the device. This appears to be applicable to virtually all hardware-enabling features and reasonably 'novel' software features. 3.0 is such an update.

Why doesn't this affect the iPhone? That's because the iPhone is a subscription-based device. As such, it continually generates profit for the company and its shareholders. The iPod Touch has no subscription, meaning that anytime Apple unleashes a new set of big features for free, they supposedly have "cheated" shareholders by not releasing a new product instead. To generate revenue, they charge for the update. The idea is this keeps them in compliance with SOX by generating extra revenue for 'shareholders'. Obviously, Apple is making a profit, but I understand SOX compliance also costs big companies millions of dollars [wikipedia.org] in fees (lawyers, accountants and God knows what else)... Who knows. And remember: Minor updates are supposedly fine; major updates are supposedly not fine -- although I'm not sure who the legally viable arbiter of that decision would be, exactly.

Like it or not... Believe it or not... It's the way Apple has dealth with this. Incidentally, it's the same reason they charged $2.99 for 802.11n support on Macbooks through Software Updater.

Hacking Safari? (3, Informative)

Itninja (937614) | more than 4 years ago | (#28379895)

Maybe I am missing something, but the article linked in the summary (about Pwn2Own's prize for hacking Safari) appears to be about someone hacking IE, not Safari.

Re:Hacking Safari? (3, Insightful)

Em Ellel (523581) | more than 4 years ago | (#28380351)

Yes, you are missing the part where you should read the article

From TFA:

IE8 wasn't the only browser Nils hacked yesterday. After he took down IE8, he moved on to Apple Inc.'s Safari and Mozilla Corp.'s Firefox, both of which he successfully exploited with attack code he had created earlier. His total for the afternoon: $15,000 in cash from TippingPoint, and the Sony laptop

Re:Hacking Safari? (1)

hattig (47930) | more than 4 years ago | (#28380671)

"created earlier"

That's hardly in the spirit of the competition, in my opinion.

Anyway, good that Apple has fixed the bugs. Bad that iPod Touch users have to pay to get the bug fixes.

Re:Hacking Safari? (2, Interesting)

slyn (1111419) | more than 4 years ago | (#28380959)

Every hack in the competition was created early, and it was allowed within the rules to do so.

This made all the sensationalist "MAC CRACKED IN SECONDS" news/blogspam all the more annoying, and the _real_ news all the more painful. The real news was that the Safari exploit that the one dude used to win the Macbook Air had been around since the competition the year prior, and that he chose to save his exploit for the next years competition, and it wasn't fixed before he was able to use it for the CanSecWest 12 months later.

Re:Hacking Safari? (1)

hattig (47930) | more than 4 years ago | (#28381097)

Oh dear, that's not a very good show, Apple. Then again I've thought their security update policy is quite lacking in urgency, even when they are notified of a hole.

Update the iPhone as often as Leopard (1)

jskoda (1579933) | more than 4 years ago | (#28380087)

I wonder why the iPhone doesn't see more patches and updates. If the iPhone OS is a branch of Mac OS why isn't the phone patches as much as the desktop OS? Do Windows Mobile machines patch every Tuesday? I never updated my CrackBerry. Perhaps Apple doesn't want the iPhone to appear to need patches more often than it's competitors.

Re:Update the iPhone as often as Leopard (1)

DragonWriter (970822) | more than 4 years ago | (#28380649)

If the iPhone OS is a branch of Mac OS why isn't the phone patches as much as the desktop OS?

Probably because its a branch that is stripped down and on which less can be done, producing less opportunity for vulnerabilities.

It's patched about as often. (1)

SuperKendall (25149) | more than 4 years ago | (#28381319)

If you think about it, while they don't happen at exactly the same time OS X does see about as many patches issued as the iPhone.

One thing throwing you off is that the newer Leopard has taken longer to come out with newer iPhone OS versions (like 1.x to 2.x).

They do, of course, share the same base OS but tend to sort of leapfrog each other a little as to versions of components used.

Security for $10? (1)

cant_get_a_good_nick (172131) | more than 4 years ago | (#28380121)

I have an iPod touch, i was wondering if it was worth it to upgrade. I also wonder if these Safari bugs will be fixed in a 2.x update. Sucks to have to pay $10 to be secure.

  Although if i don't, it's easier to pWn and run cydia on it I guess.

Re:Security for $10? (0)

Anonymous Coward | more than 4 years ago | (#28380291)

I was a bit unsettled about this as well, I just purchased a Touch this week. Maybe this is secretly why Best Buy has their current "free gift card" deal for their iPod Touches, to offset the additional expense coming from the OS update (and Apple's "no AC adapter included" policy).

Re:Security for $10? (1)

cant_get_a_good_nick (172131) | more than 4 years ago | (#28381351)

And the USB wall warts are insanely expensive - about $30. Granted, they don't stop you from buying it elsewhere, and they are just taking advantage of people willing to spend that on an Apple branded product, but does Steve need new turtlenecks that badly?

Re:Security for $10? (1)

grocer (718489) | more than 4 years ago | (#28380607)

Well, it does add copy/paste (finally), landscape keyboard in Notes & Mail, global search, and nifty controls to Podcasts (30 sec skip, 2x/.5x/1x playback, e-mail button)...plus Push for apps to run in the background. I'm satisfied with the upgrade on my 1G...but still annoyed I had to pay all 10 bucks when I don't get bluetooth headphone support (that's 2G only).

You were just given security for life (1)

SuperKendall (25149) | more than 4 years ago | (#28381279)

I have an iPod touch, i was wondering if it was worth it to upgrade.

Probably for some of the improvements playing media, you should check a number of the lists and see if anything appeals. Also a number of new apps are going to take advantage of 3.0 and you'll quickly find you would like to upgrade.

I also wonder if these Safari bugs will be fixed in a 2.x update. Sucks to have to pay $10 to be secure

But that's the beauty of a system where a large majority (80%+) upgrades to new OS. You may have security exploit that could be used, but the reality is anyone looking to write an exploit would do so against 3.0 now as there will be hardly anyone using 2.x to attack...

A security vulnerability is a combination of the ease of performing the exploit and the desirably of doing so by an attacker. A Touch is already less likely to be exploited because it doesn't make a good zombie client (network shuts down with the screen). Then on top of that you'd have to trick a user to come to your site... in combination the odds against anyone taking advantage of this are astronomical.

Re:Security for $10? (0)

Anonymous Coward | more than 4 years ago | (#28381573)

I have an iPod touch, i was wondering if it was worth it to upgrade. I also wonder if these Safari bugs will be fixed in a 2.x update. Sucks to have to pay $10 to be secure.

US $10, .. a McDonalds meal costs what... $5 (or more depending on which one you buy) ? I don't really spend that much time annoying myself about price tags that low nor do I spend time browsing pirate bay to avoid paying them for that matter. I do agree that it kind of sucks not to get at least security updates for iPhone OS 2.X but then I wasn't terribly bothered about spending $10.

Kiss Pay-As-You-Go "Good-bye" (3, Informative)

ackthpt (218170) | more than 4 years ago | (#28380175)

GoPhone subscribers warned the upgrade will be the end of the service. [mobiletechreview.com]

AT&T Narrows Prepaid Plan Options [pcworld.com]

"AT&T currently offers two types of prepaid plans: GoPhone, its "pay as you go" plan, and Pick Your Plan, its "prepay once a month" plan. AT&T's statement says that GoPhone will not be available for either original iPhones or iPhone 3Gs; Pick Your Plan will only continue to work for existing subscribers using the original iPhone, as long as they have an unlimited data plan. Current Pick Your Plan users who don't have an unlimited data plan will be asked to add one. iPhone 3G users are not eligible for Pick Your Plan.

According to Erica Sadun at TUAW, who's been investigating this issue, all pay-as-you-go users are being strongly encouraged to sign up for a postpaid plan, which includes making a new two-year commitment."

Looks like I'll be waiting a year for the Apple/AT&T agreement to time-out. I'll not do a two year agreement again, ever.

Unlimited Data has actually been gone since Nov (1)

weston (16146) | more than 4 years ago | (#28381155)

AT&T actually discontinued its unlimited prepaid data plan in general back in November. I still have it, because I'm grandfathered in, but my understanding is that there's no new ones.

Still... half my reason for keeping it around has been in case the iPhone became more appealing to me. If they drop prepaid data for the iPhone, I think I'm done with them. I'd guess you can still make it work by unlocking, but if I'm going to have to unlock, there's nothing so compelling about their service that would keep me from using T-mobile prepaid instead.

Yeah, but iTunes 8.2 (0, Flamebait)

101010_or_0x2A (1001372) | more than 4 years ago | (#28380331)

is required to upgrade to 3.0. While its not a big deal for individual computers, in an office environment its not as trivial..another one of Apples (not so) subtle schemes to get you using a particular software version whether you like it or not? And the "new" features are pretty pathetic really, more like they should have been in the 2.0 version of the software.

Re:Yeah, but iTunes 8.2 (0)

Anonymous Coward | more than 4 years ago | (#28380669)

who says you *have* to use it? i use itunes elusively for iPhone updates. nothing requires you to use the software for mp3s or anything else.

Re:Yeah, but iTunes 8.2 (1)

ameyer17 (935373) | more than 4 years ago | (#28380961)

More like "should have been in 1.0" in some cases
Seriously, no copy and paste in 2009?

And it's theoretically possible Apple will release a 2.2.2 firmware for the iPod Touch with backported security fixes.

Re:Yeah, but iTunes 8.2 (1, Interesting)

Anonymous Coward | more than 4 years ago | (#28381163)

is required to upgrade to 3.0. While its not a big deal for individual computers, in an office environment its not as trivial..another one of Apples (not so) subtle schemes to get you using a particular software version whether you like it or not? And the "new" features are pretty pathetic really, more like they should have been in the 2.0 version of the software.

So... let me get this straight, your office environment somehow includes lots and lots of people with iPhones, and this is a requirement (hence why you are apparently concerned with said phones being upgraded while at work). Meaning that, if I were to go out on a limb, the office at which you work, in some way, shape, or form, most likely specializes in iPhone app programming. Aaaaaand yet it does NOT have any sort of plan in place to upgrade iTunes (an important part of iPhone maintenance, which will update itself and alert you to this fact), not to mention the fact that this office is perfectly willing to stay behind a version of iPhone firmware in what is undeniably a viciously competitive market.

Alternatively, your office does NOT specialize in iPhone app development and you're just whining because you're too stubborn and/or paranoid and/or aimlessly idealistic to upgrade iTunes, and will most likely be bitching in a month or so anyway when some flaw is discovered in said program and it bites you hard because you heroically refused to upgrade iTunes for whatever reason seems right in your head.

Either way, I present a quote from the game Team Fortress 2 which, if I may be so bold to suggest, sums up the opinions of everyone who read your post: "CRY SOME MORE!!!"

Re:Yeah, but iTunes 8.2 (1)

stewbacca (1033764) | more than 4 years ago | (#28381275)

another one of Apples (not so) subtle schemes to get you using a particular software version whether you like it or not

Or there's the part where the new functionality in the phone requires a new software version to control it? You know, as in, "we couldn't predict the future with iTunes 8.1 to know what it would need for the third-gen iPhone coming out next year".

Justifying piracy (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#28380339)

Fellow pirates,

I implore you to continue your campaign on Slashdot to make me feel less guilty. I know that not paying someone for their work is wrong, but if Slashdot posts enough articles bashing the RIAA/MPAA/copyright law/whatever, it's easier for me to accept what I'm doing emotionally by visualizing someone else as the bad guy. Once on the forefront of relevant IT news, Slashdot is now a lame repository of mainstream pseudoscience links and pro-piracy articles to appease a dwindling readership. I am overjoyed.

Even though the open source community is about giving back as much as it is taking, I'm just going to take. I'm a human leech with self-serving beliefs and an inability to empathize with content creators who are trying to make a living.

I don't believe John Carmack should be paid for his work. I'm going to sit on my ass while he spends years coding the next advanced 3D engine from id Software. When their game comes out, I'm going to pirate it without giving a second thought about paying John Carmack for his work. I'm just so used to pirating things now that I take it for granted. If anyone mentions John Carmack to make me feel guilty, I'll look for Slashdot articles that bolster my viewpoint, such as this one [slashdot.org], amusingly posted in the Your Rights Online section even though none of my rights are being violated.

According to that study, it's okay to not pay people for their work because there's some vague hope that they'll make up the difference in income through "concerts and speaking tours." Artists are now forced to take time out of doing what they want to do. John Carmack must stop programming in order to make money from programming. It's genius. The study does exactly what I need it to--make me feel less guilty when I pirate. We've managed to stretch the truth so far that we're actually telling ourselves that we're helping artists by not paying them for their work. Excellent job.

I look forward to Slashdot telling me everyday who the bad guys are. Even though Slashdot has sued websites in the past for copyright infringement, and they've pretended to care about plagiarism [slashdot.org], we're supposed to go along with Slashdot's anti-copyright agenda. I'm okay with that hypocrisy because it serves me. It makes me feel less guilty when I pirate something. Remember, I'm not the bad guy--the RIAA/MPAA/whatever is. That makes it okay for me to not pay people for their work.

EULAs and copyright licenses are wrong, yet the GPL is good. Piracy isn't theft, yet GPL violations are referred to as "stolen GPL code." I accept all of these double-standards because it serves me. I pretend not to notice when someone points out that the GPL relies on copyright law, and if I want to get rid of copyright, my beloved open source code will no longer be protected by the GPL. I don't care, because I'm too busy concerning myself with what I want for free, not about the consequences. I want to get rid of copyrights because I've been told that copyrights are the bad guy, and they are an obstacle to my rampant piracy.

Fellow pirates, let us continue our selfish leeching. Let us paint others as the bad guys to absolve us of our emotional guilt. Our goal is to convince people that piracy is something the good guys are doing in a fight with the evil corporations. Making money is wrong, even though Slashdot displays ads, and it cost me money to buy the computer I'm using to pirate stuff.

Yours truly,
A fellow Slashbot

what update? (1)

wardk (3037) | more than 4 years ago | (#28380685)

my iTunes isn't seeing any update from the original 3.0 upgrade yesterday.

Re:what update? (1)

stewbacca (1033764) | more than 4 years ago | (#28381129)

I think they actually mean the 3.0 upgrade. Of course, this is slashdot and I wouldn't expect any news about actual features...just security patches.

how do you people afford this shit (-1, Troll)

Anonymous Coward | more than 4 years ago | (#28381115)

i can barely fucking feed myself, you are obsessed with hacking a mult-hundred dollar product that just came out.

dont you people fucking get it? a 6 foot steel fence is not going to stop massive hordes of starving homeless people, and your fucking iphone 3g jailbreak bluetooth ass blaster 2000 is not going to save you.

update? thanks but no thanks!.. (0)

Anonymous Coward | more than 4 years ago | (#28381457)

this upgrade is amazingly troublesome for user.i tried it today, and it was painful no end.

first they make you upgrade itunes (it must be that iphoneos3 requires special super-puper method of uploading that only itunes8.2 supports).

then they backup everything on the handset, but upon upgrade it breaks (it said something about device being lost, unexpectedly disconnected or something).
so the device is bricked, well, being restarted it shows "itunes and usb cable". when it's connected, itunes says "oh, the device is dead you need to restore it"... yeah, no shit!

when "restore" is pressed, it says "hey there's a new version, do you want to restore and update?". and there's no escape! there's no button "thanks but no thanks, just return me to yesterday". you either restore+update it or have it bricked. WTF?!!

once i upgraded itunes and started update, i cannot return back! and yeah, restore didn't work, i saw "preparing for restore" for 5 minutes and then bah "unknown error #1604, have a nice day". windows' restart usually heals everything, but not in this case! their web page offers to clean usb socket, re-install windows' usb drivers, yeah, right...

lucky me, i had co-worker with older itunes and iphoneos2.2 so i was able to return it to 2.2. i think it's enough of experience. mms and rotated keyboard... well i hope i'll get it with 3.1, by that time it maybe will update.

(plus one Informa\tive) (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#28383601)

end, we nned you deEper into the

Only $5000? (1)

recharged95 (782975) | more than 4 years ago | (#28384295)

" Nils, walked away with a $5,000 cash prize for hacking Safari at the Pwn2Own challenge."

.

In other news, for at least 3 months, hackers exploiting Nils technique walked away with a few hundred thousand via identity theft, atm fraud, password access, etc...

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...