iPhone Impenetrable? Not So Much

According to security researcher Charlie Miller, Apple (Nasdaq: AAPL  ) may have fumbled with its latest iPhone.

"They messed up," Miller, an analyst at Independent Security Evaluators (ISE), told ComputerWorld. He's referring to a Mac OS X bug that was found months ago, yet wasn't patched on the iPhone until a week ago, with the release of the new 3G model and the 2.0 version of the iPhone software.

"For three months, I was walking around with a vulnerable iPhone," Miller continued. "They had the vulnerability and the exploit, they understood the exploit because they patched it on Mac OS X, but then they said that they didn't know that [the iPhone] was vulnerable."

How big a gaffe is this? Big enough -- though, honestly, I think it's more carelessness on Apple's part than stupidity. Miller is right; Mr. Mac's coders immediately went to work plugging the OS X hole he found in March. As ComputerWorld reports, the trouble didn't start until after Apple asked Miller whether the bug could wend its way into the iPhone's version of the Safari Web browser. Miller didn't know, and since he was traveling in Canada at the time, he didn't expand his testing. Apple apparently failed to investigate further.

Luckily, there have been apparantly no reports of an iPhone-enabled security breach. Still, of 13 known iPhone security holes filled last week, ComputerWorld says that Apple addressed every one in Mac OS X updates between March and June. But while Mac users were safe, iPhone users weren't.

That's just awful.

Apple is playing, and winning, the business equivalent of a high-stakes poker game. Great cards (read: the iPod, the iPhone, and new iMacs) have been flowing its way. Every bet is paying off. Our Stock Advisor subscribers, many of whom owned shares of Apple before David Gardner recommended the stock in the February issue, couldn't be happier.

Yet the central truth of poker -- that one ill-conceived and poorly timed bet can kill you -- applies here, too. Unpatched security flaws? That sounds way too much like the Microsoft (Nasdaq: MSFT  ) of 10 years ago.

Where does the iEmpire get off being lazy at the time of its maximum opportunity? Dell (Nasdaq: DELL  ) , once a mortal threat, is in retreat. Research In Motion (Nasdaq: RIMM  ) , and Nokia (NYSE: NOK  ) are all but imitating the iPhone.

This is the time for Apple to be at its best. It's the least its investors deserve.

Further fully secure Foolishness:

Apple is a Stock Advisor selection. Dell and Microsoft are Inside Value picks. Try either of these market-beating services free for 30 days. There's no obligation to subscribe.

Fool contributor Tim Beyers owned shares of Nokia at time of publication. Tim is a member of the Rule Breakers team and the proud owner of a MacBook Pro, which he used to write this article. The Motley Fool's disclosure policy ran security for underground card club a few years back.


Read/Post Comments (3) | Recommend This Article (8)

Comments from our Foolish Readers

Help us keep this a respectfully Foolish area! This is a place for our readers to discuss, debate, and learn more about the Foolish investing topic you read about above. Help us keep it clean and safe. If you believe a comment is abusive or otherwise violates our Fool's Rules, please report it via the Report this Comment Report this Comment icon found on every comment.

  • Report this Comment On July 18, 2008, at 5:13 PM, taojoness wrote:

    get real! nobody was affected by this esoteric "flaw" windows has thousands of them that have persisted for years and the bottom line is its fixed. go find something real to bash apple with …you were probably a hall monitor in high school

  • Report this Comment On July 18, 2008, at 5:40 PM, TMFMileHigh wrote:

    I see. The end justifies the means. Right. I'm as big a Mac fan as there is but, as an investor, I have to call it as I see it. Apple can't afford to be lazy. Here, on this issue, it was.

    FWIW and Foolish best,

    Tim

  • Report this Comment On July 19, 2008, at 2:47 PM, pk22901 wrote:

    Tim,

    There are 2 real issues with security:

    1 - Is the target commercially attractive? (If it's broken into, can someone make a lot of $$$?).

    2 - How easy is it to get into and how deeply can we control the target?

    Breaking into a Mac (or Linux) today doesn't offer an attractive reward. Not, at least, when you compare it to Windows: There's millions being made on Windows every day and possibly zero (Can't prove it.) on the Mac.

    Windows was ENGINEERED to be very easy to modify - Picture a house w/ windows, doors, and NO LOCKS.

    Mac (Unix) was engineered to be secure (House with locks). The house with locks can still be broken into, but as a criminal which would you target for your next heist?

    Tim, for some detailed security pointers, check the blog at roughlydrafted.com...

Add your comment.

Sponsored Links

Leaked: Apple's Next Smart Device
(Warning, it may shock you)
The secret is out... experts are predicting 458 million of these types of devices will be sold per year. 1 hyper-growth company stands to rake in maximum profit - and it's NOT Apple. Show me Apple's new smart gizmo!

DocumentId: 688253, ~/Articles/ArticleHandler.aspx, 9/20/2014 2:14:23 PM

Report This Comment

Use this area to report a comment that you believe is in violation of the community guidelines. Our team will review the entry and take any appropriate action.

Sending report...


Advertisement