Thursday, July 30, 2009

Apple: making moves that befuddle us

Listening to both customers and security experts can definitely help your company in the long run. The faster you react to their feedback or concern the better your product will be--and that's the problem we found with Apple.

Apple finally patches SMS flaw in iPhone 3GS

Image representing Apple as depicted in CrunchBaseImage via CrunchBase

If you remember that last time, we reported a serious flaw in the iPhone 3GS. All it took was an SMS and your precious smartphone would be hijacked by someone else. The ones who discovered this potential devaastating vulnerability immediately reported it to Apple, hoping for a quick patch. Unfortunately that was almost a month ago. In order to push the company to move their behinds, the guys who disovered the hack decided to detail on how to do it on a Black Hat meeting.

Charlie Miller and Collin Mulliner told the Black Hat conference in Las Vegas that the hack works by slightly modifying the data - sent by the network and which the user does not see - that arrives as part of a text message.
Which thereafter, Apple issued a statement that they would be patching the Apple OS on the following day. What concerned most people were how Apple dragged their heels to do this.
An O2 spokesperson said the patch would be available Saturday through iTunes.
"We will be communicating to customers both through the website and proactively," the spokesperson added.
"We always recommend our customers update their iPhone with the latest software and this is no different."
Although it may take weeks to properly create a hacking program that will be able to exploit this flaw, we're glad Apple moved in quick at the last minute--saving not only their company but their iPhone 3GS buyers as well. Let's hope everything goes well after the patch.

VoiceCentral follows Google Voice out of the App Store

Besides GV Mobile and Google Voice being taken out of the Apple App store, another--already approved and available in the store for the last four months--was immediately taken down. VoiceCentral is no longer there.
Until this week, everything was going fine for the developer. He submitted the app and was approved by Apple. He released updates and they were approved by Apple. Then, all of a sudden and without warning, his app was pulled from the store.
And when he tried to find out the reason why it was pulled out?
In a blog post on Riverturn's Web site Tuesday, the developer paraphrased the call. At one point the developer asks the Apple rep if there's something he can change in the app so it can be resubmitted to the App Store. The response: "I can't say."
The developer then asks, "if we can't figure out the issue then how will we know whether to resubmit the app. And how will we know whether to invest in any other development efforts? Future apps could be impacted."
The response: "I can't help you with that."
So, if Apple can't give you a reason why an app that you worked hard on for months got suddenly taken out, prepare for the answer: "I can't say." And what's worse the people who bought his app is now asking for a refund he can't provide. Ouch Apple, ouch.

Source for Apple finally patching iPhone OS
Source for VoiceCentral app for the iPhone pulled out of App Store

Reblog this post [with Zemanta]

No comments: