iPhone Update Erases User Modifications

Hackers say Apple's iPhone security update erases changes users have made to the devices' firmware.

Apples answer to the early security threats to iPhone is apparently a lot more than just try to plug security holes—it also uncovers and erases any user modifications to the devices firmware, according to hackers.

On iPhone Dev Wiki, a Web site developed by people involved in efforts to unlock the iPhone, when the security update is installed, it detects and wipes changes to the firmware made by the user. The update then re-installs a fresh copy of the firmware.

However, users of the site reported the update does not thwart the 1.0 version of Jailbreak.

The iPhone update was part of a massive update released the week of July 30 by Apple, of Cupertino, Calif., that addresses 50 flaws in its Safari browser, Mac OS X and the iPhone.

The release of the iPhone fixes beat by roughly 24 hours a presentation by security researcher Charlie Miller, of Independent Security Evaluators in Baltimore, about a remotely exploited flaw affecting the iPhone.

Miller and his colleagues created an exploit for the iPhones Safari browser wherein they used an unmodified device and surfed to a maliciously crafted drive-by site. The site downloaded exploit code that forced the iPhone to make a connection to an outbound server controlled by the trio. The device could then be forced to send out personal data.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.