New Apple 3GS iPhone Blocks Jailbreak Exploit
In the latest volley with the the hacking community, Apple updated the BootROM for the iPhone 3GS, a software upgrade that allegedly will keep the device from being vulnerable to an exploit known as "24kpwn," which allows individuals to "jailbreak" an iPhone.
Users who jailbreak an iPhone remove barriers to installing third-party applications, which include cracked applications and software not distributed by Apple or the iTunes Store.
Apple began shipping the latest batch of 3GS iPhones with the new BootROM -- iBoot-359.3.2 -- last week.
The 24kpwn exploit was used extensively by individual hackers and members of the Dev-Team, a group of hackers who release tools to exploit and run unauthorized apps on iPhone OS.
However, one Dev-Team member, known as "MuscleNerd," contended on a Twitter blog that the latest BootROM release would likely curb iPhone jailbreaking attacks for a while if the "24kpwn" exploit is blocked.
Critics say that Apple's latest BootROM launch is driven primarily by antipiracy objectives. While jailbreaking an iPhone can achieve relatively benign functions such as opening up a device for other carriers, it also can be used as a way for hackers to steal apps from the Apple App Store.
The iPhone flaw was first detected by Apple researcher Charlie Miller, who found a security vulnerability occurring in the way the device receives and sends text messages via its Short Messaging Service, or SMS.
Attackers who exploit the SMS flaw could track a victim's location via GPS, execute malicious code that launches a denial of service attack, execute a botnet or listen in on conversations, as well as jailbreak the iPhone to steal apps and use the device on a carrier other than Apple's exclusive carrier, AT&T.