As the current iPhone 1.1.1 locking proves, there is a VERY dangerous flaw in the current iPhone and iPod touch software. A malformed TIF file can be used to get root access to the device. Obviously that is good if you want to install some useful applications on your iPhone/iPod, however that is extremely bad if you are worried about someone taking over your iPhone. Ironically, this might be a good thing for those who accidentally let Apple Brick their iPhones – try to stay with us here…

Theoretically, the malformed TIF file could be used for more nefarious tasks than updating than installing useful apps or updating the modems firmware…stuff like making a 900-number dialer($$ cha – ching $$), a bot installer (iPhone Spam-bot?), a baseband modem crippler or just good old-fashioned bricking the iPhone….

Hypothetically, one of these malformed tif files could even have the same effect as the “bricker” 1.1.1 update. However, this time Apple’s Safari security will be to blame, not the users who are trying to assert their legal right to move the phone to other carriers. The only recourse Apple will legally have is to unBrick all of the iPhones that their update has caused and reset the baseband modem to factor settings.

One has to wonder if the malformed tif file vulnerability would have been discovered and applied to the iPhone had Apple not closed the Intaller.app development community out of the iPhone originally. Perhaps it is better to have these incredibly intelligent people on your side?

About the Author