Home » Learning Curve » Red Hat Diaries
iPhone and Security
They were thinking.
The iPhone was over two years in development. So said Steve Jobs at Macworld 2007. That means that most likely it was already under development at the time of Macworld 2005 and was already under development at the time of the WWDC the same year.
It was far into development at the time of Macworld 2006 and even further along at the time of the WWDC 2006. And it might also be behind the delay in the release of the successor to Panther 10.3 in October 2003 when Avie Tevanian announced the company wouldn't be coming out with OS X upgrades as often as in the past.
And it's certainly behind the delay of Leopard until October 2007 for Apple themselves have said so.
Considering all the tight lipped planning and the fact Steve Jobs had to patiently bide his time and miss those famous 'one more thing' quips for all that time it's fairly obvious the iPhone team were intensively focused.
And with that as a backdrop for the entire iPhone project it's highly improbable the types of security questions now circulating were not tossed about intensively in meetings as secret as all the rest.
'What becomes readily apparent from watching the progress that these very dedicated and intelligent individuals have made over the past 10 days is that Apple and AT&T have gone to great lengths to lock down this device', write Jacqui Cheng, Clint Ecker, and Ken Fisher at Ars Technica.
Indeed.
All the while the hopeless outsiders - raising the stupid bar with ludicrous statements like 'I like the iPhone for what it is but my Windows Mobile phone is much better IMHO' - who have absolutely no clue what's going on take any offered opportunity to pounce on something they neither know nor understand.
For it's one thing for an 'educated' computer user aware of basic security issues to raise an eyebrow to running user land apps as root and it's quite another for hopeless clueless Windows users to try to do the same thing - when they have neither user land, root, or any of the basic security a Unix system affords.
Just a hopeless mess.
Anyone running a 'Windows mobile device' with open eyes has to be on prescription medication. Medication that obviously isn't doing its job. Either that or they have to be incorrigibly irretrievably stupid.
No matter what questions remain about iPhone security no talent on earth - not even the minions of Mister Bill's 'programming force' - could drag it down to the depths of 'Microsoft technology' - the mother of all oxymorons.
People smart enough and responsible enough to not run (as Sun cofounder Bill Joy put it) 'a standalone system on the net with no thought for security' have also gone back to school and learned what security really is. And many of them have learned their lessons well.
So when crash dumps for iPhone user land applications start turning up 'effective UID 0' it's a sign of good schooling and a successful educational effort they raise their eyebrows and voice their concerns.
It is not a sign that the likes of Seth Fogie, Jerry Pournelle, the Motley Fool, and all the gun toting nutters who think it's macho to kill and use Windows have any more clue than yesterday.
See Also AT&T iPhone Alpine Dottie Effective UID: 0 iPhone Ramdisk iPhone and the Media iPhone and Full Disclosure iPhone OS X System Architecture iPhone: A Bit of This, A Bit of That iPhone Bootloader: Hackint0sh Progress Report
Thanks to Devon at Pixel Groovy for the excellent artwork.
|