Read this in Gizmodo: Seem Apple will have a patch out to take care of the SMS hijack issue tomorrow after knowing for .. what .. 6 WEEKS?? Oh, but 24 hours after everyone knows about it, AND people are yelling their collective heads off for a fix, AND it gets demo’ed and released at black hat.. sure, 24 hours we’ll have a fix. The funny part? Apple STILL has said nothing. This came from its United Kingdom wireless partner O2.
Now, this is going to be updated via iTunes. I’m guessing this will kill jailbreak, so I have to decide what I’m going to do here. Since it will take a month to fix, and 90% of the phones will be fixed, AND I’m HOPING AT&T puts a fix in at the tower level, I’m going to wait till 3.1. (waiting to see if the dropped calls are fixed. If not, by by iphone).
Ok, well at least its fixed. In full disclosure, we were not in any real danger in the short term given that Charlie Miller and Collin Mulliner, who found the exploit took around a month to write the code. Still, just bugs me. Now, MS Mobile and Android still need to patch their phones, so we’ll keep an eye out.
Still on the FAIL list? AT&T. The better fix would be to simply block the SMS code that can cause this issue at the tower, problem solved. But no, from what I’ve heard on the interwebs, AT&T did not even contact the guys who discovered this bug to ask for the string(s) to block. Feh.