UPDATE - New update breaks hacked iPhones

Users are reporting that a new update to Apple's iPhone is making previously unlocked iPhones unusable.

The iPhone 1.1.1 update, released Thursday, breaks phones that have been hacked so that they work with providers other than AT&T Inc., the only U.S. provider Apple has allowed to carry its mobile phones.

In recent months, a number of software tools have been developed which allow iPhone users to break free of Apple's AT&T-only restriction, but Apple has said that it would fight any attempts to unlock the iPhone. Earlier this week the company released a warning that unlocked iPhones "will likely result in the modified iPhone becoming permanently inoperable when a future Apple-supplied iPhone software update is installed."

Shortly after the Thursday update was released, users of unlocked iPhones began reporting problems.

Security researcher Tom Ferris said the new software disabled a phone that had been unlocked using the open-source anySIM software in order to work on T-Mobile USA's wireless network. After the update, the iPhone was stuck with an error message and apparently unusable. "It kept saying 'unsupported SIM card,' even with the AT&T SIM card in it," he said. "You can turn the phone off or on, but we just can't figure out how to get past this 'SIM card not supported'," he said.

SIM (Subscriber Identity Module) cards contain account information and are used to authenticate devices on certain types of mobile networks. Unlocked iPhones can use SIM cards from non-AT&T networks.

Others were reporting similar problems on Thursday.

The update also appears to disable the 'Jailbreak' hack which allows users to install unsupported software on the iPhone, Ferris said. After the 1.1.1 patch was installed it wiped out all of the third-party applications he had installed on a second iPhone, he said.

The new software is Apple's biggest iPhone update to date, and it fixes a number of security flaws in the mobile phone's browser, mail client and Bluetooth networking server.

The majority of the flaws do not appear to be critical, but the update fixes a larger number of bugs than the first iPhone update, released July 31.

Hackers have said that the iPhone's browser and mail clients are the most likely sources of software flaws and this release bears that out. Apple fixed seven flaws in the Safari browser, two in the iPhone's mail client and one Bluetooth bug with the release.

The Bluetooth flaw could be the most serious -- Apple said that it could allow an attacker to run unauthorized code on the iPhone -- but because Bluetooth works over a range of just a few feet, the attacker would have to be standing near the victim for any exploit to work, said Andrew Storms, director of security operations with nCircle Network Security Inc.

Noted hacker HD Moore agreed that the Bluetooth flaw was serious. "The only bad issue here is the Bluetooth [flaw]," he said via e-mail. "I will start working on this tonight."

Though there may be some technical limitations to what an attacker could do by exploiting this bug, it "could be a nasty remote exploit," he added.

Earlier this week, Moore added iPhone hacking capabilities to the Metasploit hacking tool that he develops.

The patch also fixes some cross-site scripting and JavaScript flaws in the browser that could also be serious, Storms said via instant message. These flaws could be exploited to make the browser run unauthorized JavaScript code, he said.

Mobile phone users typically cannot update their own software, but Apple introduced this capability in the iPhone, which uses the update mechanism in the phone's iTunes music player.

iTunes checks for these updates once per week, so it may take up to seven days for all iPhone users to see these updates. Apple advises users to install the update immediately.

Join the Good Gear Guide newsletter!

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?