Firmware Update Breaks Hacked iPhones
The iPhone 1.1.1 update, released Thursday, breaks phones that have been hacked so that they work with providers other than AT&T Inc., the only U.S. provider Apple has allowed to carry its mobile phones.
In recent months, a number of software tools have been developed which allow iPhone users to break free of Apple's AT&T-only restriction, but Apple has said that it would fight any attempts to unlock the iPhone. Earlier this week the company released a warning that unlocked iPhones "will likely result in the modified iPhone becoming permanently inoperable when a future Apple-supplied iPhone software update is installed."
Shortly after the Thursday update was released, users of unlocked iPhones began reporting problems.
Security researcher Tom Ferris said the new software disabled a phone that had been unlocked using the open-source anySIM software in order to work on T-Mobile USA Inc.'s wireless network. After the update, the iPhone was stuck with an error message and apparently unusable. "It kept saying 'unsupported SIM card,' even with the AT&T SIM card in it," he said. "You can turn the phone off or on, but we just can't figure out how to get past this 'SIM card not supported'," he said.
SIM (Subscriber Identity Module) cards contain account information and are used to authenticate devices on certain types of mobile networks. Unlocked iPhones can use SIM cards from non-AT&T networks.
Others were reporting similar problems on Thursday.
The update also appears to disable the 'Jailbreak' hack which allows users to install unsupported software on the iPhone, Ferris said. After the 1.1.1 patch was installed it wiped out all of the third-party applications he had installed on a second iPhone, he said.
The new software is Apple's biggest iPhone update to date, and it fixes a number of security flaws in the mobile phone's browser, mail client and Bluetooth networking server.
The majority of the flaws do not appear to be critical, but the update fixes a larger number of bugs than the first iPhone update, released July 31.
Hackers have said that the iPhone's browser and mail clients are the most likely sources of software flaws and this release bears that out. Apple fixed seven flaws in the Safari browser, two in the iPhone's mail client and one Bluetooth bug with the release.
The Bluetooth flaw could be the most serious -- Apple said that it could allow an attacker to run unauthorized code on the iPhone -- but because Bluetooth works over a range of just a few feet, the attacker would have to be standing near the victim for any exploit to work, said Andrew Storms, director of security operations with nCircle Network Security Inc.
Noted hacker HD Moore agreed that the Bluetooth flaw was serious. "The only bad issue here is the Bluetooth [flaw]," he said via e-mail. "I will start working on this tonight."
Though there may be some technical limitations to what an attacker could do by exploiting this bug, it "could be a nasty remote exploit," he added.
Earlier this week, Moore added iPhone hacking capabilities to the Metasploit hacking tool that he develops.
Mobile phone users typically cannot update their own software, but Apple introduced this capability in the iPhone, which uses the update mechanism in the phone's iTunes music player.
iTunes checks for these updates once per week, so it may take up to seven days for all iPhone users to see these updates. Apple advises users to install the update immediately.