iPhone Joins the 21st Century! (MMS)

I just received the following text message on my iPhone:

AT&T Free Msg: Pic/video msg (MMS) is now available for iPhone.  Pic/video msgs you send/receive will be $.30 unless you have a msg plan.  Go to att.com/mywireless to add a plan.  To enable MMS, connect iPhone to computer & click Check for Update in iTunes, then restart iPhone.  Reply stop to end mktg msgs.

I don't think they could've worded that in a more confusing fashion.  For those worried you are getting up-charged for MMS, don't worry, you aren't as long as you have any form of text messaging plan, which I would assume just about any cell phone user these days has.  Each MMS is going to be just like a single text and nothing more.

All I can say is: It's about freakin' time AT&T.

MSS Finally Hit's iPhone...September 25th

So clearly, "late summer" means early fall. Great work AT&T!

Anyways, upon hearing about the release of iPhone OS 3.1, I remembered reading a rumor that AT&T could likely give us the long awaited MMS functionality on this day. Well, according to Gizmodo, not so much, but at least we finally have a date for it, September 25th.

The best part of this whole AT&T failure from that article is that, despite previous claims, the issue with MMS was indeed a subpar network:

We know that iPhone users will embrace MMS. The unique capabilities and high usage of the iPhone's multimedia capabilities required us to work on our network MMS architecture to carry the expected record volumes of MMS traffic and ensure an excellent experience from Day One. We appreciate your patience as we work toward that end.

Just wow...

Oh and don't expect tethering to hit your iPhone September 25th either, that is definitely not happening. AT&T has actually said their network wouldn't be able to cut it and they are coming up with a pricing plan. There is no hard date...or even a guess at one as of now.

And yes, AT&T is still the only carrier in the world to not have MMS and tethering support at this time for the iPhone.

Apple Releases iPhone OS 3.0.1, Patches SMS Exploit

Apple has released OS 3.0.1 via iTunes and it is the fix we've been looking for in regards to fixing the SMS exploit. I would definitely suggest downloading this ASAP if you own an iPhone unless you would like to allow someone to make your phone act like Skynet.

iPhone SMS Exploit Should Be Patched by the Weekend

In following up with yesterday's story, I saw that AppleInsider had gotten wind of a BBC report that the iPhone SMS exploit should be patched by this weekend via an iTunes update.

For tech-heads that want more detail about how this exploit actually worked, the AppleInsider article detailed it:

The exploit takes advantage of the fact that SMS can send binary code to a phone. That code is automatically processed without user interaction, and can be compiled from multiple messages, allowing larger programs to be sent to a phone. The exploit supposedly exposes the iPhone completely, giving hackers access to the camera, dialer, messaging and Safari. It occurs regardless of hardware revision or which version of the iPhone OS is running.

The technique involves sending only one unusual text character or else a series of "invisible" messages that confuse the phone and open the door to attack. Because users won't know whose messages to block in advance, there's little iPhone owners can do but to shut off the phone immediately if they suspect they're at risk -- a real problem as the trick could also be used to make an iPhone send more messages of its own.

Hopefully this will indeed put any fears of possible hijacking by SMS to rest. Again, I will continue to update if I see any more news.

Potential Security Hole Reportedly Found in iPhones

According to a recent Forbes report (and many other reports all over), two researches will plan on revealing a major security hole in iPhones this afternoon (Thursday, July 30th) at the Black Hat cybersecuirty conference. SMS text messages are apparently the culprit as detailed below:

If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly.

That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner plan to publicize Thursday at the Black Hat cybersecurity conference in Las Vegas. Using a flaw they've found in the iPhone's handling of text messages, the researchers say they'll demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone's functions. That includes dialing the phone, visiting Web sites, turning on the device's camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.

"This is serious. The only thing you can do to prevent it is turn off your phone," Miller told Forbes. "Someone could pretty quickly take over every iPhone in the world with this."

The problem has been reported to Apple; however, I have yet to see any official statement from them, but I will continue to look for them throughout the day. The best I have seen so far is an article from AppleInsider stating that Apple is indeed working on a fix and was supposed to be out at the end of this month (July) and before the conference reveals the bug too all.

Charles Miller is the one primarily responsible for finding this nice little loophole, and he's done it before. So I would definitely believe this exploit is legit.

Being an iPhone owner myself, I will definitely be staying on top of this as best as possible. In the meantime, if you see any strange characters in a SMS text message, shut your iPhone off. Of course, if you don't even want to risk it, you can try keep your iPhone off until this problem is resolved.

Although I'm sure that route will be as easy and trying to cut off a heroine addict cold turkey.

Quick little update: Found a CNET article that describes in detail what this hack can do.