iPhone security

Apple has finally addressed complaints that its mobile devices including the iPhone and iPad are tracking users by recording cellular tower triangulation data. The company issued a Q&A document to explain exactly what's happening on the devices they manufacture and how they plan to remedy the issues that even some members of Congress have expressed concerns over.

Apple is already facing lawsuits over the tracking issue, which was revealed by security researchers. Although individual devices have locally stored logs of location data going back as far as the installation of iOS 4.0, Apple insists that the company can't track individuals as any data it collects is anonymous and encrypted. According to the Q&A document, the purpose of these transmissions is to build better location based services and individual iPhones are never tracked at all.

Here's a surprise: no-jailbreak remote iPhone unlock services Cut Your Sim and others are out of business. Apparently their supplier couldn't continue making unauthorized changes to Apple's IMEI database and needs to postpone the service indefinitely. These services were charging a fee of $170 or more to unlock iPhones in a process they claim is permanent without violating the terms of Apple's warranty.

Luckily those who were in line to have their devices unlocked are getting their money refunded. It's not clear why the unlocking procedure had to be stopped, whether it was Apple getting involved or figuring out exactly where the leak was in their database security. What's interesting is that even the operators of Cut Your Sim aren't sure exactly how the iPhones are unlocked, just that the process originates from the UK.

Questions surrounding iPhone tracking have exploded recently thanks to the revelation that cellular-capable iOS 4 devices have been recording their location accurately and consistently since the firmware installation date. All of this location information is logged in a single file that can be parsed and mapped by the new iPhone Tracker application. Although some users don't care about this kind of thing, others are concerned and will want to stop their mobile device from logging location data.

As it turns out, turning off Location Services under Settings will not help, as this only controls the GPS chip inside the iPhone. Security researchers Pete Warden and Alasdair Allan have discovered the location data comes from cellular network tower triangulation, which doesn't require communication with satellite GPS.

Now there's another reason to update your iPhone when Apple releases the iOS 4.2 firmware this November. The company has stated they are aware of the passcode lock security flaw and will issue a fix with the update. It's not clear whether or not Apple had the fix on their radar before reports about the security hole hit the web this week.

A forum user posted the simple procedure which allows iPhones to be accessed even if passcode lock is engaged. With a simple button sequence at the right time the Phone app can be accessed along with all of the contact information stored on an iPhone. Contacts can be called, emailed or even sent an MMS once the iPhone has been accessed, completely avoiding the four-digit passcode.

Apple has released a security fix for iOS 4 and users now have to decide whether or not to install the update. There are pros and cons to installing the update, mostly revolving around whether or not you're interested in jailbreaking your device. The security problem was first discovered and used by the Dev-Team to hack iOS 4 and provide a simple way to jailbreak through the Safari browser.

Now that Apple has released a fix, the developer responsible for the JailbreakMe 2.0 in-browser jailbreak software has made the source code of his exploit public. Let's be clear, the iOS 4.0.2 update will make jailbreaking with JailbreakMe 2.0 impossible, however now that the source code of the jailbreak is public, security threats are bound to multiply.