The other side of iPhone security

by Francois Joseph de Kermadec

Since the introduction of the iPhone, Apple has been the focus of criticism from many a member of the computing community: keeping the platform closed is an outrage, a Microsoftian move, living proof of the evil that lurks underneath the company's cheerful facade. Whether you agree with these points or not, one cannot deny Apple has pulled all the strings to indeed keep people out of the iPhone and send a firm message to those who had dared trespass - and I am not even talking about "bricked" iPhones here since knowing whether the side effect of the upgrade was intentional or coincidental is still everyone's guess. Surprisingly, however, keeping the iPhone closed may be a good thing.


2007-10-10 08:11:22
Absolutely on the mark. While Apple did not help matters by keeping the platform closed up until this point, the "developer" community has used exploits to "break" the OS in order to achieve their goals (carrier independence, activation, third-party apps, etc).

From what I've seen so far with the iPhone (non-hacked) it's obvious Apple released it too soon or had incompetent alpha/beta testers, since some of the improvements in the 1.1.1 update should have been there from the beginning. It is because of this that I suspect Apple is just finishing up the details on how to create a development program for the phone and is most likely relying on Leopard (and whatever surprise iPhone-Xcode enhancements lie within) to provide a coding platform.

Until such time, however, it is definitely in their best interest to close all the holes that the "developers" are using since they are - for the most part - major gaps in security.

If folks "need" a modern phone with the ability to develop their own apps there are many choices out there besides this one. While I, too, was hoping for the ability to develop apps for it, I bought the phone because I was tired of numeric keypads and clumsy UIs on the existing phones (including the "smart" phones). Apple gives me everything I needed on the phone (well, except for starting with the world's worst carrier - I'm single-handedly degrading AT&T's "dropped calls" percentage - and no 3G) and will hopefully give me the ability to put everything I'd like to have on it someday.

Louis Wheeler
2007-10-10 10:19:39
I have no problem with either side of this issue. If Apple insists that the iPhone remain closed for now, that is its business. There will be consequences that Apple will have to adjust to.

Anyone who objects should not buy an iPhone. They especially should not demand a right to tinker with their iPhone AND get to escape the consequences of violating their warranty.

If Apple allows them to get away with tinkering, then Third Party applications for the iPhone will become a free-for-all and Apple will never be able to rein the hackers in. So, it is best for Apple to settle this now.

Apple has had its hands full with putting out Mac OSX 10.5 Leopard. When that is issued, probably within the next week, then Apple can release the programmers necessary to fix the iPhone's security problems which prevent a software development kit.

The Hackers are helping Apple by revealing bugs in the iPhone's OS, but Apple need not thank them for it because they are violating Apple's rights by doing so. Nor must Apple pay attention to them or fix their iPhones. Apple has protected itself from any reasonable lawsuit. That is enough.

The bad PR from this will blow over. Most iPhone buyers have no intention of violating their agreements. Most of them are delighted with the iPhone as it is. They have no intention of turning the iPhone into a Handheld Computer.

That will come, eventually, but under Apple's control, not the hackers. The hackers can grumble about this, but that is tough.

Walt French
2007-10-10 11:32:01
knowing whether the side effect of the upgrade was intentional or coincidental is still everyone’s guess.

Well, it'd be really dumb for Apple to try to harm their customers... an easily lost and easily huge lawsuit with the expected huge bad press that'd kill sales for absolutely every Apple product if somebody inside the dev team either blows the whistle or is compelled to testify.

So, let's presume that Apple's only possible official position -- that the update was not intended to brick the iPhone, but watch out if you've modded the device and maybe don't apply the update -- actually reflects reality.
2007-10-10 13:44:05
I want 3rd party applications!!!!

I do NOT want those applications running on an insecure, unstable and infinitely hackable platform.

All security holes need to be plugged, even if it means 3rd party applications can't be installed. This will obviously increase the security of all platforms that run OS X.

It's interesting how perspectives depend upon circumstances: If Apple had already allowed 3rd party applications to be safely added to the iPhone, these same users who now demand hack-ability would be demanding that Apple plug the exact same holes they now want left open!

Their desire for 3rd party applications is whole heartedly mirrored by this author, but their whining about the removal of security vulnerabilities for the sake of allowing 3rd party applications is ridiculous.

If you really want to hack the platform, then you forfeit your right to whine when your hacks are disabled when Apple plugs the security holes you're using.

That's simple reality.

Apple WILL allow 3rd party applications. They'd be stupid not to do so. Apple may be a lot of things, but it's NOT stupid.

Wayne W
2007-10-11 15:13:09
I agree with part of it: Keeping the platform "Locked down" frees the iPhone and future iPod products frombeing hacked, or having their information leaked. The way that Apple has handled things, however, has made the iPhone a promising, yet hampered, idea: By forcing the rules onto the consumer and not onto either the developer or carriers, they have turned what could have been the ultimate phone, not to mention a 1.0 product, into an ordinary product.

Had they allowed multiple carriers and forced their carriers to their standards instead of the other way around, Not only would there be a sever shortage of "Bricks", but a revolution in the mobile phone industry. Likewise, by not allowing third-party development, they cut out not only open-source software that could have taken advantage of the phone, but also the outside ideas and innovations that have so often helped Apple in the innovation department in the past. By locking out the iPhone, Apple is cutting its own throat.

I hope they wake up and listen to the other side soon.

anon a mouse
2007-10-12 16:19:53
Cell phones that allow software to be installed have a hurdle that other computing platforms don't: E911.

If malware or crappy software causes a desktop/laptop to crash or not boot, somebody might lose data, time, and/or money, but it's not the end of the world.

If malware or crappy software stops cell phones from successfully dialling 911, people die. The FCC has rules and a certification program intended to prevent that from happening.

For whatever reason, Apple didn't put a security mechanism into the iPhone; everything runs as root. So the safest way to keep people from dying is to prevent people from installing software.

It's a big job - as in multiple man-years by really smart people - to add sufficient security to a Unix-type cell phone OS that didn't start with it to allow installation of arbitrary software while making sure the phone stack will always work under all circumstances and make the FCC happy. Unless Apple has been working really hard in the back room for a while, I don't expect to see a developer kit for the iPhone any time soon.

2007-10-19 20:38:45
The iPhone to me is as expected the best mobile phone I have ever had the pleasure of using.
Being an Australian user I am also happy the "Hackers" or Exploiters are working hard on making this phone work for me.
I am using my iPhone on an Australian network with no problems at all after 5-10 minutes of modding, and everything including the third party apps I have installed do what they where intend to do, exceptionally well!
I think apple are using the exploiters in 2 ways, they have a large community finding the holes for them in the OS and also are now able to gauge just how many people are interested in 3rd party application development for there new product. And Now as most of the community expected they have given a date for the released the development kits (only 3 months away) and they have obviously been working on this for for some time, but kept it there little secret until now, A smart move I think. Releasing there phone as a so called "Closed Platform" might have been there way to employ the community without paying them.
As for the comments about other similar products and development for them, they might be similar on paper, but thats where it ends. The iPhone makes all its current competition look and feel very average indeed and I don't expect there will be anything like this product from any major manufacturer anytime soon.
iPhones rock!

2008-03-16 20:05:48
what do you expect. The iphones a PHONE. Its meant for calling people, listening to music and checking your email. Of course its not as secure as a computer.