- home
- reviews
- news
- downloads
- cnet tv
HOLIDAY HELP DESK: Broadcasting live at 1:00 p.m., PT
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Apple patches 10 iPhone flaws

Seven of the updates affect the MobileSafari browser within iPhones.

Add a Comment (Log in or register) (18 Comments)

Apple's habit...

by SecurityExpertMan September 27, 2007 1:40 PM PDT

...of just throwing a product out there without adequately pre-
testing for security issues is intolerable. For all these security
issues found by the good guys, there are 10 more found by the
bad guys that we hear nothing about and gets sold to the highest
bidder.

Apple's software products used to be the best in security and
privacy, but not anymore. Take EFI for instance.

Like this Reply to this comment

Apple's habit of just throwing a product out there
by rcrusoe September 27, 2007 2:12 PM PDT: I agree, it is totally unacceptable.

They should wait until the product is 100% ready for the marketplace with all possible security flaws fully closed - like Microsoft Vista.; Like this View all 3 replies Hide replies
Processing

Is there evidence it wasn't pre-tested?
by dotmike September 27, 2007 2:34 PM PDT: Hacks are possible into anything. Even the best lock in the world
can be drilled.

I'm sure Apple did test, but the mathematics of security
vulnerabilities suggests the odds of finding every possible
combination within a given period of time are against it.

It's important that issues are patched as they are discovered and
before they are widely exploited, and Apple appears to be doing
that.

Besides, most of the exploits seem to rely on "enticing a user to
visit a maliciously crafted Web page."

As the doctor with the "it hurts when I do this" patient said,
"don't do that."; Like this View reply Hide reply
Processing

Ditto here RCrusoe
by Rick Cavaretti September 28, 2007 7:26 AM PDT: Great 'thinly veiled' post with a great punch line at the end. I too
almost lost my coffee across my keyboard.; Like this Reply to this comment

Woops. One more thing

by Rick Cavaretti September 28, 2007 7:30 AM PDT

Hit the button too soon. Other sites are reporting this story in a
different slant. Apparently, this update shuts down all of the
hacked iPhones and limits them to the ATT network. Almost no
mention of the other issues.

Like this Reply to this comment

What Apple is not open source?
by ferretboy88 September 28, 2007 4:34 PM PDT: Apple only wants you to use the lame AT and T crap network. People talk about mircosoft and how greedy they are but Steve Jobs has 6 Billion and he sure is a real greedy pig also.; Like this

the bigger issue (to me)...

by mastercko September 28, 2007 11:09 AM PDT

...isn't the fact that they're releasing a patch (that's normal, whatever).

It's this:

Further, Apple refuses to discuss pending security vulnerabilities not patched here, stating "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available."

guh? "We won't talk about it till we fix it?" Security through obfuscation? Isn't that attitude like the exact OPPOSITE of the computer security community at large? Gotta love the walled garden.

Like this Reply to this comment

Sure
by Lee in San Diego September 29, 2007 9:46 AM PDT: They should publish details about vulnerabilities. /snark; Like this

horizontal keyboard for texting?
by sirjigster September 28, 2007 6:11 PM PDT: where is the horizontal keyboard for texting? why not try to add a
copy and paste feature? where is the MMS texting? like other
people have said they are just trying to relock the phones for the
users who have t-mobile.; Like this Reply to this comment