Breaking: iPod touch root read access achieved

Props dev team! Great work!

...which is why Apple's only choice is only to patch any such exploits.

You know.. I don't think this is a great exploit. Sure.. it works, but what if someone decides to make a virus that exploits this as well? So you have a choice.. update to patch up this exploit or have more apps and have a virus.

I really don't know sh*t about sh*t... But instead of going through this little game with the rapidly growing demonic power of apple over and over again upon each successive firmwear update - why doesn't someone just create a new hack version of itunes to work specificly with Ipod touch... If we controlled the mother program we could then use the Ipod touch for what it could ulimatly be... I think??? any thoughts???

"This means there is no reason to update the iPod cuz its not a phone and it prolly wont get any new features."

How about updating when iTunes requires it before it will let you sync anything? That's a simple requirement to add. May cause a ruckus, but if they do it, you either update so you can sync, or you gripe about your hacked iPod Touch that doesn't have any new content on it.

UH you guys are funny saying that it will just be patched and so its all worthless. We're talking about the iPod Touch here, not the iPhone. This means there is no reason to update the iPod cuz its not a phone and it prolly wont get any new features. Apple screwed up and it cant be undone. Now we can have 3rd party apps on our ipod Touch Forever....Forever. This is very exciting! Props to the Dev team!

starkruzr/#23: "Zink: Why are you rooting for Apple to win and for those who actually care about the platform, its users and its potential to change the market to lose?"

Aside from the ridiculousness of the part you paint yourself in, this has nothing to do about me rooting for anyone to win or lose - rather with me pointing out a bit of realism.

As for your statement, "I *am* rooting for the platform, and it's potential to change the market, which is precisely I am not on the side of immature dorks with the mental and emotional maturity of 5-year olds.

Apple will provide, in due time, and on their terms, the features we all find useful and desirable - they just won't do it today, or tomorrow, or when you *demand* it. iPhone has two years to roll out regular monthly updates adding features. Over the course of the next 21 updates, the pieces will slowly, but reliably fall into place - when they are ready.

Right now, a lot has been hinging on Leopard's release, which will bring a slew of additional features for iPhone (and, no, this does not mean that the day of the Leopard release, Apple *must* release an update with all these features), mostly because iPhone runs Leopard, and a lot of the frameworks to allow synching with Leopard services.

Let's see where we are at in 90 days, shall we - but I can assure that any vulnerabilities being discovered now, are going to be patched by then -- as they should (look up the meaning of 'vulnerability' when you have a chance).

DrunkDwarf/#31 pretty much nailed my personal feelings about Erica, her alleged Computer Science degree, and her attitude about the exploitation of found vulnerabilities... Let's just say that it's not necessarily the attitude of a professional...

I think everyone is forgetting that you don't have to upgrade your firmware unless Steve releases some new feature that EVERYONE would want... like 3rd party support.

I think Apple will patch the tiff bug because its a security flaw that could crash the browser. Apple said they won't try to stop hacks, just the Phone unlocking. I don't think they'll aim to break the hacks, but they won't support them either.

Besides, once the device is hacked, maybe we could get the keys to decrypt it for surviving future updates.

Erica, are you going to run around screaming when Apple moves to close this serious security hole?

What keeps a Russian Criminal Gang from exploiting this TIFF file exploit to extort money from Apple? "Pay us $10 million or we start bulk emailing a TIFF that will damage the baseband firmware of every iphone we can reach at a mac.com email address?"

Your PhD is supposed to be in computer science. Are you really so clueless as to the mis-uses of what you all are playing with? Normally responsible people report this class of security issue, they don't exploit it and risk it being mutated out in the wild into something very nasty. Its one thing to use something like this on a PSP, quite another thing when its used on a portable terminal plugged into a global cellular network.