iPhone update 1.1.1. now available

We'd like to hear from the adventurous hackers, if "bricking" has occurred. SV

iPhone v1.1.1 Update

*

Bluetooth

CVE-ID: CVE-2007-3753

Impact: An attacker within Bluetooth range may be able to cause an unexpected application termination or arbitrary code execution

Description: An input validation issue exists in the iPhone's Bluetooth server. By sending maliciously-crafted Service Discovery Protocol (SDP) packets to an iPhone with Bluetooth enabled, an attacker may trigger the issue, which may lead to unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of SDP packets. Credit to Kevin Mahaffey and John Hering of Flexilis Mobile Security for reporting this issue.

*

Mail

CVE-ID: CVE-2007-3754

Impact: Checking email over untrusted networks may lead to information disclosure via a man-in-the-middle attack

Description: When Mail is configured to use SSL for incoming and outgoing connections, it does not warn the user when the identity of the mail server has changed or cannot be trusted. An attacker capable of intercepting the connection may be able to impersonate the user's mail server and obtain the user's email credentials or other sensitive information. This update addresses the issue by properly warning when the identity of the remote mail server has changed.

*

Mail

CVE-ID: CVE-2007-3755

Impact: Following a telephone ("tel:") link in Mail will dial a phone number without confirmation

Description: Mail supports telephone ("tel:") links to dial phone numbers. By enticing a user to follow a telephone link in a mail message, an attacker can cause iPhone to place a call without user confirmation. This update addresses the issue by providing a confirmation window before dialing a phone number via a telephone link in Mail. Credit to Andi Baritchi of McAfee for reporting this issue.

*

Safari

CVE-ID: CVE-2007-3756

Impact: Visiting a malicious website may lead to the disclosure of URL contents

Description: A design issue in Safari allows a web page to read the URL that is currently being viewed in its parent window. By enticing a user to visit a maliciously crafted web page, an attacker may be able to obtain the URL of an unrelated page. This update addresses the issue through an improved cross-domain security check. Credit to Michal Zalewski of Google Inc. and Secunia Research for reporting this issue.

*

Safari

CVE-ID: CVE-2007-3757

Impact: Visiting a malicious website may lead to unintended dialing or dialing a different number than expected

Description: Safari supports telephone ("tel:") links to dial phone numbers. When a telephone link is selected, Safari will confirm that the number should be dialed. A maliciously crafted telephone link may cause a different number to be displayed during confirmation than the one actually dialed. Exiting Safari during the confirmation process may result in unintentional confirmation. This update addresses the issue by properly displaying the number that will be dialed, and requiring confirmation for telephone links. Credit to Billy Hoffman and Bryan Sullivan of HP Security Labs (formerly SPI Labs) and Eduardo Tang for reporting this issue.

*

Safari

CVE-ID: CVE-2007-3758

Impact: Visiting a malicious website may lead to cross-site scripting

Description: A cross-site scripting vulnerability exists in Safari that allows malicious websites to set JavaScript window properties of websites served from a different domain. By enticing a user to visit a maliciously crafted website, an attacker can trigger the issue, resulting in getting or setting the window status and location of pages served from other websites. This update addresses the issue by providing improved access controls on these properties. Credit to Michal Zalewski of Google Inc. for reporting this issue.

*

Safari

CVE-ID: CVE-2007-3759

Impact: Disabling JavaScript does not take effect until Safari is restarted

Description: Safari can be configured to enable or disable JavaScript. This preference does not take effect until the next time Safari is restarted. This usually occurs when the iPhone is restarted. This may mislead users into believing that JavaScript is disabled when it is not. This update addresses the issue by applying the new preference prior to loading new web pages.

*

Safari

CVE-ID: CVE-2007-3760

Impact: Visiting a malicious website may result in cross-site scripting

Description: A cross-site scripting issue in Safari allows a maliciously crafted website to bypass the same-origin policy using "frame" tags. By enticing a user to visit a maliciously crafted web page, an attacker can trigger the issue, which may lead to the execution of JavaScript in the context of another site. This update addresses the issue by disallowing JavaScript as an "iframe" source, and limiting JavaScript in frame tags to the same access as the site from which it was served. Credit to Michal Zalewski of Google Inc. and Secunia Research for reporting this issue.

*

Safari

CVE-ID: CVE-2007-3761

Impact: Visiting a malicious website may result in cross-site scripting

Description: A cross-site scripting issue in Safari allows JavaScript events to be associated with the wrong frame. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of another site. This update addresses the issue by associating JavaScript events to the correct source frame.

*

Safari

CVE-ID: CVE-2007-4671

Impact: JavaScript on websites may access or manipulate the contents of documents served over HTTPS

Description: An issue in Safari allows content served over HTTP to alter or access content served over HTTPS in the same domain. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of HTTPS web pages in that domain. This update addresses the issue by limiting access between JavaScript executing in HTTP and HTTPS frames. Credit to Keigo Yamazaki of LAC Co., Ltd. (Little eArth Corporation Co., Ltd.) for reporting this issue.

Installation note:

This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an internet connection and have installed the latest version of iTunes from www.apple.com/itunes

iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting "Don't install" will present the option the next time you connect your iPhone.

Apple

Read more »

Truphone to demonstrate first VoIP-over-WiFi call on Apple's iPhone

Truphone breaks new ground. SV

Key facts

iPhone demonstration

1. Many people have called for true VoIP calling on Apple's iPhone. Truphone will today prove that it is possible using the iPhone's in-built Wi-Fi capability.
2. Truphone's demonstration will comprise two iPhones connected to Wi-Fi on the DEMOfall 07 stage. A VoIP call will be initiated from one handset, routed via Wi-Fi and the Internet to Truphone's servers, and then back again to the access point and onwards to the destination handset - a 100% IP phone call.
3. Today's event will be a live demonstration only and is not a commercial launch of Truphone on the iPhone.
4. Truphone does not need to unlock the SIM in order to operate its service for the iPhone.


Facebook demonstration

1. The company will also give a demonstration today of an application that mashes up social networking site Facebook with traditional telephony. The big differentiator between Truphone's demonstration and other applications for Facebook is that Truphone is the only one to embed an actual phone into the very heart of Facebook.
2. Facebook users will be able to drop their Truphone 'Call Me' button onto their friends' Walls and also embed it into Facebook messages. People will be able to allow other people to call them, while keeping their actual number confidential.
3. The Truphone 'Call Me' button for Facebook to be demonstrated today showcases the potential for additional innovative services enabled by Truphone's all-IP internet telephony infrastructure.
4. Truphone's Facebook application is currently in development.

Truphone

Read more »

Unlocked iPhone Warranty voiding

Hacking can be a risky business. SV

Saying it had found that many of the unlocking programs "cause irreparable damage to the iPhone's software," Apple spelled out the policy. "Users who make unauthorized modifications to the software on their iPhone violate their iPhone software license agreement and void their warranty," the company said in a statement. "The permanent inability to use an iPhone due to installing software is not covered under the iPhone's warranty."

Computerworld

Read more »

iPhone AutoSync

Making life a little less stressful, one product at a time. SV

iPhone AutoSync, What is it?

Out of the box, the iPhone does a great job of synchronizing with the Mac’s built in PIM applications, Address Book and iCal, and bookmarks, courtesy of Safari.
Enter iPhone AutoSync! iPhone AutoSync monitors your three synced applications, and, when changes are made, makes a note. After a few minutes, if no more changes have been made, it triggers a sync with your phone. Thus all your information in up to date in both places, pretty much all the time.

Standalone

Read more »

Apple's iPhone France: Launch November 29th

Mais oui, Apple et l'Orange.

Who said you can't talk about Apples and Oranges at the same time?
Orange has 2000 WiFi hotspots in Paris! SV


InformationWeek

Flicker

Read more »

IPhone Introduced to Europe, Where Standards Differ

By ERIC PFANNER
Published: September 19, 2007

LONDON, Sept. 18 — Apple introduced the iPhone to Europe on Tuesday, hoping to entice consumers with a sleek design and the power of the Apple brand, even as it flouts some of the technological and marketing conventions of the European mobile business.

Steve Jobs was in London on Tuesday to announce that Britain would be the first European country to get Apple's iPhone.
Steven P. Jobs, the Apple chief executive, said the iPhone would become available to British consumers in November in an exclusive arrangement with O2, a mobile network operator owned by Telefónica of Spain. Similar deals are expected to be announced with the T-Mobile subsidiary of Deutsche Telekom in Germany and with the Orange unit of France Télécom.
The iPhone, which allows users to make calls, browse the Internet, check e-mail and play songs and videos by running their fingers over a touch-sensitive screen, has been a hit in the United States, where more than one million were sold in the first three months of its release.
But analysts say Apple may have a tougher time in Europe. They expressed disappointment that the iPhone to be sold in Europe was identical to the one in the United States, meaning that it would be unable to take advantage of faster European wireless networks for Web browsing and media downloads.

Mr. Jobs said Apple had decided against making the phone compatible with the faster third-generation mobile networks because the chip sets for 3G-compatible phones used up battery power too quickly. “They’re real power hogs,” he said in London, adding that it might take until late next year for the technology to advance enough to make a 3G iPhone.
Mr. Jobs said the iPhone would overcome this hurdle by relying heavily on Wi-Fi technology, which provides broadband Internet access for laptop computers and other devices, though only when they are stationary. When iPhones are on the move, they will shift to a mobile technology called Edge, which is also use by AT&T, Apple’s exclusive network partner in the United States.
But Matthew Key, chief executive of O2 in Britain, said Edge would be available in areas covering only about 30 percent of the British population when the phone is introduced in Britain on Nov. 9.

Also, 20 percent of British mobile users already have 3G-enabled phones, according to M:Metrics, a research firm. “There’s no doubt it’s going to be an obstacle for Apple,” said Paul Goode of M:Metrics. “You’re going to be asking people to downgrade in terms of capability.”
Apple is also going against the grain of the European mobile business by charging £269 ($538) for the phone in Britain, and locking customers in to 18-month contracts at monthly rates of £35 to £55 ($70 to $110). Typically, carriers discount even high-end cellphones in Europe.
“Sometimes you get what you pay for,” Mr. Jobs said.
O2 customers will also get unlimited data transfers with their iPhones, an effort to stimulate use of the mobile Internet and multimedia services.
T-Mobile planned to announce on Wednesday an exclusive agreement to sell the iPhone in Germany, according to a person briefed on the negotiations. There, the phone will sell for 399 euros ($555), this person added.
Carolyn Owen, a spokeswoman for Orange, declined to confirm reports that Apple would soon announce a similar agreement in France.
Europe has generally been a trickier place than the United States for Apple to do business. The company’s iPod music player has a roughly 20 percent market share in Europe, including 40 percent in Britain, compared with 60 percent in the United States, according to M:Metrics.
Regulators and consumer groups in several countries have also objected to some of Apple’s business practices.
This week, for instance, the European Commission plans hearings on a complaint that Apple’s iTunes online music store violates competition rules by charging Britons more than other Europeans for downloads. Apple has said its agreements with music companies and the organizations that oversee musical copyrights are to blame.
Despite Apple’s struggles in Europe, analysts say the region could still turn into a lucrative market for the iPhone.
Europeans, for instance, are more likely to opt for high-end multimedia phones than Americans. In June, according to M:Metrics, only 6 percent of cellphones sold in the United States were so-called smartphones, compared with 12 percent in Britain and 24 percent in Italy — a market where Apple has not yet indicated its iPhone plans.
Kevin J. O’Brien contributed reporting from Berlin.

Read more »

Apple iPhone - It Will Change Your Life

The apple iPhone is a latest mobile phone that allows you to make a call by simply pointing your finger at a name or number in your address book, a favorites list, or a call log. It also automatically syncs all your contacts from a PC, Mac, or Internet service. And it lets you select and listen to voicemail messages in whatever order you want — just like email. With iPhone, making a call is as simple as touching a name or number. In addition, you can easily construct a favorites list for your most frequently made calls, and quickly merge calls together to create conference calls.
It is unique phone with slim profile and no keys - it has 3.5 inches touch display that uses multy-touch technology for navigation. A sensor controls the orientation of the display, and MAC OS X controls the smart phone’s functionality. It is quad-band GSM/EDGE device with WiFi and Bluetooth, and features 8GB of memory.
Visual Voicemail allows you to go directly to any of your messages without listening to the prior messages. So you can quickly select the messages that are most important to you. IPhone includes an SMS application with a predictive QWERTY soft keyboard that prevents and corrects mistakes, making it easier and more efficient to use than the small plastic keyboards on many smart phones. The iPhone features a 2-megapixel camera and a photo management application that goes far beyond anything on a phone today. Sync photos from your PC or Mac, and you’re ready to browse or email them with the flick of a finger. With iPhone, making a call is as simple as touching a name or number. In addition, you can easily construct a favorites list for your most frequently made calls, and quickly merge calls together to create conference calls.
Handheld and mobile digital electronic devices for the sending and receiving of telephone calls, faxes, electronic mail, and other digital data; MP3 and other digital format audio players; handheld computers, personal digital assistants, electronic organizers, electronic notepads. And there are a number of nice touches as well, including a motion sensor that rotates photos when you turn the phone, and voicemails displayed visually that you can click on and listen to. As we all expect from Apple, this is a seriously buttoned up device.
Apple iphone
Adam Caitlin is expert author of Mobile Phone. Please have a look at Contract Phones
Article Source: http://EzineArticles.com/?expert=Adam_Caitlin

Read more »

iPhone accessories: a watch?

Timex has a watch, iControl, which lets you have remote control capability with iPods.
It might actually work with the iPhone.
Let us know if you have tried it. SV


Timex

Watchreport

Read more »

iPhone JAVA programs:bookmarklets

Necessity is the mother of invention.

Here is the explanation by Steve Kangas.
Many can be used with Safari.
Let us know which are your favorites. SV


How do they work?
Each bookmarklet is a tiny program (a JavaScript application) contained in a bookmark (the URL is a "javascript:" URL) which can be saved and used the same way you use normal bookmarks. The idea was suggested in the Netscape JavaScript Guide.

JavaScript has been used by page authors on millions of webpages; Bookmarklets allow anybody to use JavaScript - on whatever page you choose (not just your own page).

Bookmarklets are simple tools that extend the surf and search capabilities of Netscape and Explorer web browsers.

Bookmarklets are free.

Bookmarklets allow you to:

* Modify the way you see someone else's webpage.
* Extract data from a webpage.
* Search more quickly, and in ways not possible with a search engine.
* Navigate in new ways.

...and more. Over 150 bookmarklets are available.

Bookmarklets work on all platforms (Windows, Macintosh, Unix,...)

You do not have to download or install software to use Bookmarklets.

Bookmarklets

Samrod

Read more »

iPhone Medical Software/Reference survey results

As of September 09, 2007, we have 41 votes for an application running on the device vs 3 votes for a Web 2.0 application accessible via Edge or WiFi.
We have 40 days left to this voting cycle, so tell your peers and friends to visit and be heard. Speaking of which, feel free to add comments to explain your decision. SV

Click here to join the survey

Read more »

Share your iPhone insights with us

We can't review all the great sites out there.
If you are an iPhone user or iPhone (software/accessory) vendor, add a comment and share.

We will all benefit. SV

Read more »

iPhone: Germany, T-Mobile

Here is an ad posted on the Net.

Upgraded memory and Broadband access!
Christmas is coming soon. SV

Electronista

Read more »

iPhone 100 dollars "refund"

Yep, you got to hand it to Mr Jobs.
No other major manufacturer in recent history has done this.
A $100 store credit is not the same as cash, but better than anyone else would have done.

Having purchased technology often considered bleeding edge, I too have a little "buyer's remorse" as prices dropped or the edge moved faster than I anticipated.
I did however enjoy and benefit from the use of these products and that more than offset the inevitable price drop and technology advancement.

Now both early adoptors and frugal buyers win.

Thanks Mr Jobs.

P.S. If you used a credit card with a price protection option, you may be able to get the full $200 cash, American money. SV

Apple letter

Read more »

Apple Cuts iPhone Price Ahead of Holidays

Apple unexpectedly cut the price of its iPhone Wednesday, claiming that it was seeking to broaden the market for the popular but expensive phone for the Christmas season.

A new iPod model has touch-screen controls and built-in Wi-Fi.
Apple also introduced a new digital music player modeled after its iPhone and struck a wireless music distribution deal with the Starbucks coffee chain. Apple, which rarely drops the prices on its products, cut the price of its 8-gigabyte iPhone by $200, to $399.

Steven P. Jobs, the chief executive, said in an interview after the announcement that Apple would have been able to hit its publicly declared target of a million iPhones sold in the United States by the end of this month, even without a price cut.

“We’re a high-volume manufacturer, and we’re pretty good at getting costs down,” Mr. Jobs said. “It’s very clear we have a breakthrough product on our hands, but it’s also clear that many can afford it, some can’t. We’d like to make it affordable to even more folks going into this holiday season.”

Investors appeared to interpret the announcement negatively. Apple’s stock fell more than 5 percent, closing at $136.76, and most of the loss came during and after Mr. Jobs’s presentation Wednesday morning.

“My suspicion is that they got to 750,000 really quickly, and then it started to slow down,” said Van Baker, an industry analyst at Gartner Group.

The iPhone was first sold on June 29. A number of recent analysts’ reports have noted that it is selling well and is, indeed, outselling its smartphone competitors. But Mr. Jobs said that if the company had waited past the Christmas buying season to reduce prices it would have been forced to delay for another year reaching a broader consumer market. “We’re feeling like being more aggressive,” he said.

Chetan Sharma, a telecommunications industry analyst based in Issaquah, Wash., said, “They’re trying to get the next demographic to bite into it.” Another breakthrough Apple product, the original Macintosh, initially sold briskly in 1984 and then stalled abruptly. The Macintosh market did not regain its luster until 1986 with the introduction of the Macintosh II. Apple’s market share among computer makers remains small, in part because of the premium price it places on its Macs. (Apple’s market share in music players has not suffered a similar fate, however.)

On Wednesday, Apple executives insisted that the price cut had been planned long ago and that the strategy had been conceived in part to keep the iPhone’s pricing in line with its new iPod Touch, a music player that looks like the iPhone but lacks the phone-calling ability. The sharp price cut, however, suggested that even Apple, which has long lived in a pricing bubble insulated from other personal computer makers, is not immune from the brutal pressures of the cellular phone business.

Mr. Jobs said the company was making a “total refresh” of the iPod line, and he demonstrated a series of new features that showed how Apple was turning the music player into a hand-held computer.

Mr. Jobs displayed the new flagship iPod Touch, which will sell for $299 for an 8-gigabyte model and $399 for one with twice the capacity. Slightly thinner than an iPhone, the new device has touch-screen controls and a built-in Wi-Fi antenna that allows it to connect directly to the Internet. It also has a browser, which makes it more of a hand-held computer than any other music player.

Users will be able to connect to a new iTunes Wi-Fi store where they can download songs directly to their music players without having to connect to a computer.
Another feature of the iPod software will be the ability to alert a user entering a Starbucks coffee shop to the music being played there. Then, a tap on the screen will download the song from iTunes.

Howard Schultz, Starbucks’s chairman, said Starbucks stores in the United States are being equipped to manage this process. He said that stores in Seattle and New York City would have the ability by Oct. 2 and that other stores across the country would get the service over the next two years.
In other announcements, Apple introduced a new iPod Nano, chunkier than before, but with a bigger screen for viewing video. Mr. Jobs said he still hoped that Apple could salvage its relationship with NBC, which had said it would not sell its programs on iTunes. The two companies could not resolve differences over pricing.

“The other networks are thrilled,” Mr. Jobs said, “because we actually promoted NBC shows a lot last year and we were getting ready to promote them this year for the new season. Unfortunately that’s not going to happen. I think its a loss for both us and NBC, and I hope it gets put back together. But I don’t think that selling TV shows for a lot more than we are makes any sense. You can watch them for free on TV.”

Read more »

iTunes Wi-Fi Music Store

We can access the iTunes store via Wi-Fi
:sample music, make purchases.

Free access at Starbucks too. SV

Apple

Read more »

Cell phones in hospitals

According to the Mayo Clinic, it may be okay to use your newly discounted iPhone at the hospital. SV

ROCHESTER, Minn. -- Calls made on cellular phones have no negative impact on hospital medical devices, dispelling the long-held notion that they are unsafe to use in health care facilities, according to Mayo Clinic researchers.

In a study published in the March 2007 issue of Mayo Clinic Proceedings, researchers say normal use of cell phones results in no noticeable interference with patient care equipment. Three hundred tests were performed over a five-month period in 2006, without a single problem incurred.

Mayo Clinic

Read more »

iPhone price drop: $399 for 8 GB !

It just keeps getting better. SV

MarketWatch

Read more »

iPhone Nano on the way?

According to the Washington Post, it may be sooner than 2008. SV

Washington Post

Read more »