Cybersecurity researchers Charlie Miller and Colin Mulliner plan to publicize a vulnerability in the iPhone’s handling of SMS messages that could leave the phone open to attack. Forbes reports that the pair will demonstrate today at the Black Hat cybersecurity conference in Las Vegas how to send a series of mostly invisible SMS bursts that can give a hacker complete control over the phone’s functions. These include dialing the phone, accessing the Internet, turning on the camera and/or microphone, and sending more text messages to further propagate the hijacking. “This is serious. The only thing you can do to prevent it is turn off your phone,” Miller said in an interview with Forbes. “Someone could pretty quickly take over every iPhone in the world with this.” Miller and Mulliner say they notified Apple of the vulnerability nearly a month ago, but the company has yet to issue a patch.
In a new comment filing with the U.S. Copyright Office and published by Wired, Apple claims that hackers, wielding jailbroken iPhones could cause “potentially catastrophic” results. Apple explains that the iPhone’s operating system — which is modified during the jailbreak process — controls the device’s baseband processor (BBP), which in turn controls the phone’s connection to the cellular provider’s network. The company argues that changes made to the BBP could result in inoperable phones, anonymous communications via a changed Exclusive Chip Identification (ECID) number — which “would be desirable to drug dealers” — and could also be used to facilitate an attack on the cellular network, crashing tower software, and possibly more. “In short, taking control of the BBP software would be much the equivalent of getting inside the firewall of a corporate computer – to potentially catastrophic result,” Apple claims. The company’s comments are part of an ongoing battle with the Electronic Frontier Foundation, which proposed a new exemption to the Digital Millennium Copyright Act (DMCA) which would explicitly allow jailbreaking of iPhones.
An ongoing iPhone 3GS issue where Works With iPhone-certified accessories bring up an error when connected is being blamed on software. Based on a reader report and two Apple discussion board threads, it appears that some iPhone 3GS users are greeted by an error that reads “This accessory is not made to work with iPhone - Charging is not supported with this accessory” when connecting certain WWI accessories, with Mophie’s Juice Pack Air cited in many cases. iLounge contacted Mophie to ask about the issue, and the company blamed the problem on a 3GS-specific software issue.
“We have seen a brand-new iPhone 3GS that was plugged in an AT&T store demo Apple iPhone Dock and the 3GS screen shows that the accessory(Apple Charging Dock) is not an authorized Work with iPhone accessory,” the company said in an email to iLounge. “As related to Juice Pack Air, this issue will usually goes away after the consumer fully recharge the Juice Pack Air or reconnecting to the iPhone 3GS. If this issue is consistently showing, please have the consumer call or email us, we would [gladly] replace it with a new one and get the other one back for study. [We are] confident that Apple has discovered this issue with many of its own accessories as well and hopefully this issue will go away completely with a new software update.”
A number of under-the-hood improvements added to the third beta version of iPhone OS 3.1 have been revealed to iLounge. Notably, the new beta supports failover support for HTTP live streaming, allowing content providers to queue up multiple media playlists, automatically switching over to a secondary stream in the event that the first one fails to load. Other improvements include enhanced support for Bluetooth audio recording in third-party applications, and the ability to perform offline audio conversion to AAC. As noted in a previous article, additional functions have also been added to the OS’s APIs to allow for customized interactions with the camera, including those seen in augmented reality applications. The new beta also runs somewhat faster than its predecessor.
Apple has rejected an official Google Voice application, and has since removed two competing third-party solutions from the App Store, suggesting that the company—or perhaps its carrier partners—does not want the service available on the iPhone or iPod touch. Google Voice allows users to send free SMS messages, offers affordable long-distance calling rates, and lets users hand out a Google Voice number which is tied to their account and can be ported from device to device simply by signing in. Speaking with TechCrunch, a Google spokesperson said, “We work hard to bring Google applications to a number of mobile platforms, including the iPhone. Apple did not approve the Google Voice application we submitted six weeks ago to the Apple App Store. We will continue to work to bring our services to iPhone users — for example, by taking advantage of advances in mobile browsers.”
Apple has also pulled two third-party Google Voice applications, GV Mobile from Sean Kovacs and a competing app called VoiceCentral, for duplicating iPhone functionality. Notably, Kovacs claims that Apple Senior Vice President of Worldwide Product Marketing Phil Schiller called him personally to apologize for the delay in getting GV Mobile approved in the first place, making its removal all the more curious. Google currently has official Google Voice applications available for both the company’s Android platform and for BlackBerry.
Apple and China Unicom have reached a preliminary agreement for exclusive sales of the iPhone in mainland china, according to a Reuters report. Shanghai Securities News originally reported that a deal had been made, however, China Unicom spokeswoman Sophia Tso quickly released a statement stating that “[d]iscussions are still ongoing, we have not reached any formal agreement.” The original Shanghai Securities report also said that the deal did not include a revenue sharing arrangement—something that was believed to be a sticking point in Apple’s negotiations with Chinese carriers—and that under the agreement, China Unicom will purchase the devices from Apple for 3,000 yuan (roughly $440) each, and will guarantee annual sales of 1-2 million units and at least 5 billion yuan ($732 million) in annual revenue. During Apple’s recent Q3 financial results conference call, Apple executives had little to say on the subject of the iPhone in China, beyond reiterating that it continues to be a priority and they hope to have the device available there within a year.
Apple has released the third beta versions of iPhone OS 3.1 and the related SDK. The new beta operating system is listed as build 7C116a, while the updated SDK is listed as build 9M2808. It is currently unclear what changes are present in these new beta releases; however, Apple is expected to make certain video APIs accessible for third-party developers in order to support augmented reality applications on the iPhone 3GS. Both the updated beta OS and the updated SDK are available now to registered iPhone developers through the iPhone Dev Center.
Reporting its second-quarter financial results today, AT&T revealed that the iPhone continues to be both a long-term boost and a modest short-term drag on the company. The exclusive U.S. iPhone carrier said it handled more than 2.4 million iPhone activations in the quarter, partly due to the iPhone 3GS launch, and increased its overall 3G smartphone subscriber based by more than 3.5 million. The large number of iPhone purchases also came with a cost in the form of subsidies, however, narrowing wireless operating margins to 23.8% during the period, down from 25.5% in the year-ago quarter; however, these subsidies are more than repaid during the two-year service contracts of subscribers. Overall, the company saw quarterly revenue of $30.7 billion, net income of $3.2 billion, and diluted earnings of $0.54 per share.
In its Mobile Metrics Report for June 2009, mobile advertising platform AdMob detailed iPhone and iPod touch share by region, finding that the international market for the devices is growing faster than the U.S. According to the report, 54% of iPhone OS users in June were in the U.S., down from 61% six months ago. 26% of those were in Western Europe, with Asia representing 7% of global iPhone and iPod touch users. The company also points out that despite the rise in iPod touch sales reported by Apple in it’s Q3 2009 earnings call, the ratio of iPhones to iPod touches on their network remained at roughly 2:1, suggesting the growth of the two devices is on a similar trajectory. AdMob’s numbers are based on the 16 million iPhone OS users in their network.
A new problem with Apple’s Push Notification service and hacked iPhones is causing AIM messages to be sent to unknown/random recipients without the user’s knowledge. Till Shadde, CEO of Equinux, discovered the glitch by sending an AIM from his Mac to his iPhone, only to get a response back from an unknown user. According to his Twitter stream, the problem manifests itself when sending a message to a hacked iPhone containing the Push Notification service hack, Shaddde claims that any message sent to a hacked iPhone running the Push hack “seems to be broadcasted to all hacked phones.” Apple is believed to be actively blocking Push Notification service on hacked or unlocked iPhones.
Despite accounting for only three percent of worldwide cellphone sales in 2008, Apple and BlackBerry maker Research In Motion accounted for a much larger percentage of profits—35% combined—according to Brian Modoff, an analyst with Deutsche Bank. The Wall Street Journal reports that Modoff expects an even wider discrepancy this year, with the rival smartphone makers accounting for five percent of sales but 58% of total operating profits. Modoff attributes the two companies’ profitability to their focus on smartphones, which tend to sell for higher prices an provide wider margins than traditional cellphones. Apple and RIM controlled roughly 32% of the smartphone market between them in the first quarter, according to IDC estimates.
Universal Studios Home Entertainment has announced plans to begin offering iPhone and iPod touch-enabled features on upcoming Blu-ray releases. This new functionality, launching on July 28 with the 2-Disc Blu-ray release of Fast & Furious, will be enabled via companion applications available from the App Store. The initial app will tie in with the “Virtual Car Garage” bonus feature, allowing users to control 360-degree views of cars featured in the film, along with exclusive technical specs, directly from their device. Other planned features include virtual remote functionality, the ability to access and download bonus content for on-the-go viewing, and the ability to access addition film details while watching the movie. The Fast & Furious Blu-ray companion app will be available as a free download.
Google has announced that iPhone and iPod touch users running iPhone OS 3.0 can now perform local searches via the company’s My Location feature. When users visit google.com from Safari, a link on the page will allow them to turn on My Location, after which searches can be made on a local basis; the Official Google Mobile Blog uses a search for “Jazz clubs” in New York City as an example. Once the feature is turned on, users can update their location via a link on the main google.com home page. It is unclear whether Apple plans to build the feature into future versions of Safari for iPhone, which would allow for location-based searches via the browser’s integrated search area.
An anonymous source has provided iLounge with a listing of small but notable changes found in the second beta version of iPhone OS 3.1. A new option in the Accessibility menu allows users to triple-click the Home button in order to toggle VoiceOver or the White on Black features on and off; VoiceOver has also received a practice mode for learning its unique gestures. When editing video, the “Save” and “Save as Copy” options from beta 1 have been changed to “Trim Original” and “Save as New Clip” for clarity, and another change—possibly included in the first 3.1 beta as well—keeps the user’s “Now Playing” queue intact across syncs, meaning the user must manually change the playlist or finish listening to the one started prior to the sync. The other big change on the developer side is that developers can now monitor/debug their apps over Wi-Fi rather than having to use a USB connection. iPhone OS 3.1 beta 2 is available now to registered iPhone developers; Apple has yet to set a release date for a broader launch of the update.
Apple has released the second beta versions of both the iPhone SDK 3.1 and iPhone OS 3.1 to registered iPhone developers. Notes for the new beta of iPhone OS 3.1 do not show any apparent changes from the first beta release, which included non-destructive video editing, support for Voice Control over Bluetooth, and new modem firmware and AT&T profiles. The first 3.1 beta release of the iPhone SDK offered updated OpenGL and Quartz APIs; no major changes are indicated in the release notes for the updated SDK. iPhone OS 3.1 and iPhone SDK 3.1 beta 2 are now available for download from the iPhone Dev Center.
A number of iPhone users are reporting problems with the playback and syncing of Voice Memo files, as well as the access and syncing of photos taken with the iPhone’s camera. In an Apple support discussions thread, several users claim to have made recordings which are visible on the device, but are unable to be played back—while the play icon changes to a pause button, indicating the file is being played back, the slider never moves, nor does any sound come out. In some cases users were able to sync their phones and retrieve the message(s), but in others the sync removed the files from the phone entirely. Interestingly, an iLounge editor came across a similar problem with the iPhone’s Photos application, in that the phone suddenly acted as if no photos were stored on the device, and would take pictures but claim it was empty. After importing the photos into iPhoto, the app began to have trouble finding specific images, and the import did not help fix the problem on the iPhone. Another bug makes the Camera shutter button unresponsive and unable to take pictures. It is possible that these issues are unrelated, however, it is also possible that a bug in the way iPhone OS 3.0 handles saving files to its media databases may be to blame. [via MacNN]
Liverpool, U.K.-based Stuart Hughes has introduced its new 18ct Solid Rose Gold iPhone 3GS Diamond. Sporting a replacement rear plate and bezel made of solid gold, the new model contains approximately 150 grams of 18ct rose gold, as well as 53 pink diamonds set in the rose gold Apple logo. The 18ct Solid Rose Gold iPhone 3GS Diamond will be available later this week and will sell for £21,995, or roughly $35,575.
Apple may be intentionally blocking users with hacked or unlocked iPhones from receiving Push Notification messages, according to a developer report. Czech developers PoweryBase, makers of the Push Notification-powered reminder app NotifyMe, report that the 5% of its customers using unofficially modified or activated phones were creating more than 80% of customer support requests, complaining that the application didn’t work as advertised. Upon closer inspection, PoweryBase discovered that these phones were not receiving a response back from Apple’s Push Notification Server (APNS), while normal devices had no such issue. “When the Push based application such as NotifyMe requests an ID from APNS, the server responds within a second and identifies the device with the unique token. From that point, the connection between APNS and user’s device is successfully established,” said Pavel Serbajlo, PoweryBase’s lead developer. “However, on a unofficially activated device, APNS keeps the application wait forever and does not provide any respond at all, keeping user wait infinitely or time out the connection, if the target application is capable of timing out.” The company is now implementing an in-application check to see whether or not data is being received back from the server and directing users to the app’s FAQ page if a problem is detected; the company is also discouraging users of hacked iPhones from purchasing NotifyMe. NotifyMe is available now from the App Store and sells for $4; a free version is also available.
Drawing on his own experiences developing for the Iconfactory and from discussions with “hundreds” of other iPhone developers, Craig Hockenberry has posted a comprehensive list of the challenges and problems facing the App Store as it heads into its second year—including 3-week wait times for app update approvals—as well as an equally comprehensive list of possible solutions. Among his suggestions are the verification of developers instead of individual applications, the ability to offer paid upgrades and time-limited trials of applications, more clear, concise rules for application behavior and content, and a second, more expensive tier for larger developers with premium service. Hockenberry goes on to acknowledge that it has been a great last year for both Apple and third-party iPhone developers, but expresses fear that developers may begin to feel disenchanted with the iPhone maker should it continue refusing to engage developers and ignore their needs, and notes Apple’s refusal to answer App Store questions at WWDC enhanced that fear.
Apple has posted a new support document outlining the steps users can take to try and fix specific Wi-Fi or Bluetooth issues on the iPhone or iPod touch. According to the article “Unable to use Wi-Fi or Bluetooth with iPhone or iPod touch because there’s no address listed for the device,” symptoms of the issue may include a greyed out Wi-Fi or Bluetooth icon, a lack of an address for either or both of the protocols, the appearance of a Wi-Fi signal but no ability to connect to online services, and the inability to pair with a Bluetooth device. Apple lists three steps for fixing these problems, telling users to try resetting network settings, erasing all content and settings, and restoring the software. If none of those three methods work, Apple says the device may need repairs. A number of users have reported problems with Wi-Fi and or Bluetooth following the installation of iPhone OS 3.0, however, it is unclear how many users are dealing with the specific issues outlined in this document.