Analysts want iPhone feature, security updates separated | iLounge News


Analysts want iPhone feature, security updates separated

As we noted last week, included in Apple’s iPhone Software version 1.1.1 update were several security fixes for the phone’s Bluetooth, Mail, and Safari software. According to a Computerworld report, this drew the ire of security analysts, who believe that vendors should separate functionality and security updates, especially when the update may have unwanted consequences for some users. “With the iPhone update, Apple is now producing a fear of taking their patches,” said Andrew Storms, director of security operations at nCircle Network Security Inc. “If they release a functionality update and security fixes at the same time in the future, some users will think twice about applying it.” Garter Inc.‘s John Pescatore added, “There should definitely be a separation between security and functionality. Users shouldn’t be forced to accept new functionality to get security fixes.” Apple has traditionally offered a mix of standalone security updates and bundled security fixes for its Mac OS X operating system.

Related Stories



1: Fail to adequatley secure new hardware OS before release.

2: Find ways to bloat code to motivate a hardware upgrade, disguise it as new features.

3: Fix security issues found out by the free public.

4: Announce a “security update” with “new features”

5: Wait for new hardware sales to come in.

Posted by MacLifer on October 2, 2007 at 11:08 AM (CDT)


Apple isn’t Microsoft and they will never do things the way the PC folks think they should. So I got more security AND additional functionality in the same update? What’s the downside to that?

Posted by RNB on October 2, 2007 at 11:13 AM (CDT)


RNB: Have you heard of the iBrick? I’m lead to believe it was created with the compiled security/functionality update.

Posted by Annon on October 2, 2007 at 11:21 AM (CDT)


The iPhone is an appliance, not a computer.  By its nature as a “smartphone” you should not have a choice.  Last I checked I did not have choices with other smartphones (if they ever released upgrades at all).  So there should say be a “security” fixed version of Safari, and a separate “features” version?  So if I don’t want to “break” something I can only upgrade the iPhone with the security patched version, rather than simply an upgrade???  This makes no sense.  Its a phone, not a general purpose computer/OS, get over it and live with it if you hack your system and it then breaks.

Posted by Brian James on October 2, 2007 at 11:24 AM (CDT)


If you are not doing anything wrong (ie violating contracts and legal agreements, hacking, stealing, etc.) you wouldn’t have anything to worry about, now would you?

Posted by Mike L on October 2, 2007 at 11:37 AM (CDT)


Did any of the iPhone owners read the EULA or TOS for the 3rd party apps (HACKS) they “installed”?

Go after the 3rd party providers, not Apple.  The hack broke the phone on update, not the other way around.

Posted by Korexz on October 2, 2007 at 11:52 AM (CDT)


The consistent bitching about “locked this” and “I cant blah blah blah that” is getting real annoying. We need to stop being so self-centered and assuming that we can have whatever we want.

Posted by Jordan on October 2, 2007 at 12:37 PM (CDT)


So many people seem to be assuming that the only reason for wanting to separate the updates is to avoid “bricking” a hacked phone.  Why do you assume that a security update wouldn’t brick it? 
If I had the choice of updating my iPod to sort numbers to the end of the list just like - oh, right, like nothing else does, then I would have opted to leave the sorting alone.

Posted by WhoCares on October 2, 2007 at 12:55 PM (CDT)


RNB, are you kidding? If anything, Apple is being worse than Microsoft in this regard. They’re disguising the fact that they had to patch up security flaws in the iPhone by claiming that the changes made to the iPhone were in the form of added functionality. Lying pricks!

Posted by RNB is totally wrong on October 2, 2007 at 1:07 PM (CDT)


Maybe I missed something. When did Apple lie?

I’m serious about that question so dont dismiss it as just something an Apple fan-boy asked.

Posted by Jordan on October 2, 2007 at 2:38 PM (CDT)


I once thought the pre-release iPhone hype was absurd, but it pales compared to the post-release iPhone whining.

The iPhone does almost everything I’d like it to do. Does it do everything? No. I’d love for them to allow third-party developers to write native programs, but they don’t. (Yet. I think it’s coming within 18 months. If it never comes, I can still live with that.)

Until then, I will happily use my iPhone without hacking it. In my opinion (and for my wants/needs), there is nothing else on the market that even comes close to the iPhone.

Posted by BJ Nemeth on October 2, 2007 at 3:49 PM (CDT)


I’d also like to know what Apple lied about? And when’s the last time Microsoft refunded money to customers who thought a product’s price dropped too soon?
We already get free updates and added features that other phones generally don’t get, so should Apple simply give everyone a free iPhone as well? I doubt that would make the whiners happy either.

Posted by RNB on October 2, 2007 at 4:15 PM (CDT)


A lot of you guys miss the point of his statement.
He wants separate updates so people will not hesitate to perform a security update, therefore securing the platform and preventing viruses and worms from spreading.
He’s saying, from a security analysis’ point of view, it would make the world better if everyone performed their security updates, and nobody, not even apple, should do anything to discourage people from doing so.

Posted by poop on October 3, 2007 at 12:52 AM (CDT)


The seamless updating process is an essential part of the iPod experience, and is quite similar to the updating process of Mac OS X on Macs.
I am very happy that Apple continues using it with the iPhone.

In terms of security, smartphones get updated very seldom, because the process is very complex.
On an iPhone, updated software is installed at every sync.

This is a first in the mobile phone industry and a giant step in terms of security.

Do you really want BMW to allow you to update just a fraction of the active steering
software ? And install 3rd party driving enhancements ?

You would end up with an insecure, underperforming car.
Which is precisely the mess you get with WIndows Mobile and Symbian.

The mobile phone industry is starting to get mature. Analysts traditionally need 5 to 10 years more ...

Posted by Jerome on October 3, 2007 at 8:50 AM (CDT)

Subscribe to iLounge Weekly

Sign up for the iLounge Weekly Newsletter

iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond.
iPod, iPhone, iPad, iTunes, Apple TV, Mac, and the Apple logo are trademarks of Apple Inc.
iLounge is © 2001 - 2018 iLounge, Inc. All Rights Reserved. Terms of Use | Privacy Policy