[rmm]

Unbelievable!
Exactly one comment here about security. And not one word in the article to which this topic relates.
The iPhone is of limited value if it can be easily compromised, and that has been demonstrated. Since it runs flavors of the OS X operating system and applications such as Safari, it provides both immense potential for growth and enhanced usage, and significant exposure to identity theft. It might even be usable as a vehicle to compromise desktop Macs or PCs.
Business and government won't seriously consider a system as vulnerable as the iPhone. Individuals with any sensitive information should also be deeply concerned.
Perhaps in the age of MySpace where people "let it all hang out" these are not matters of concern.

[Dan Frakes]

Quote:

---

Launch iPhoneworld.com for heaven's sake and get back to Mac information and tips!

---

We've had as much Mac news on the site as there's been Mac news lately. And, believe it or not, there are actually people out there interested in this iPhone thingy. Should we have just shut the site down from the most recent laptop update until tomorrow's Apple -- and presumably Mac-focused -- event? /forums/ubbthreads/images/graemlins/wink.gif

[Dan Frakes]

Quote:

---

Exactly one comment here about security. And not one word in the article to which this topic relates.
The iPhone is of limited value if it can be easily compromised, and that has been demonstrated. Since it runs flavors of the OS X operating system and applications such as Safari, it provides both immense potential for growth and enhanced usage, and significant exposure to identity theft. It might even be usable as a vehicle to compromise desktop Macs or PCs.

---

There's been a lot of noise about this, but has anyone actually compromised a real, live iPhone in the wild? Is there actually a vulnerability that has been exploited? Apart from the inability to remotely "wipe" the phone if it's lost, is the iPhone really less secure than a Blackberry or Treo or any Windows Mobile smartphone that's currently "accepted" in corporate environments?
The iPhone isn't magically secure, but I think you're overstating the issue, at least based on what's actually happened to this point.

[rmm]

Quote:

---

There's been a lot of noise about this, but has anyone actually compromised a real, live iPhone in the wild? Is there actually a vulnerability that has been exploited? Apart from the inability to remotely "wipe" the phone if it's lost, is the iPhone really less secure than a Blackberry or Treo or any Windows Mobile smartphone that's currently "accepted" in corporate environments?

The iPhone isn't magically secure, but I think you're overstating the issue, at least based on what's actually happened to this point.

---

Charlie Miller demonstrated a serious exploit at the Black Hat conference. OK, so that's not in the wild. And he and his co-workers gave Apple advance notice and a code fix. Read the paper at:

http://www.securitye...itingiphone.pdf
which describes the vulnerabilities they found in something like two weeks of effort.
And these are the good guys.
The iPhone differs from other devices because it uses a genuine mainstream operating system and a widely available web browser. Stripped down to be sure, but capable of running serious software. And capable of being exploited.
So, if the iPhone hasn't been exploited in the wild yet, are you prepared to hang around waiting until some hapless iPhone user shows up on a CitiBank commercial as the victim of identity theft? How long do you think it will take? As noted a couple of posts back, the iPhone has only been in the marketplace for a month. But it has attracted the attention of the hacker community like honey attracts flies. And not everyone's intentions are benign.

[Dan Frakes]

My point is simply that as much FUD has been thrown around about the iPhone's "lack of security," the only actual exploits are stuff like the one you noted -- security researchers discovering things and reporting it to Apple. Apple has already released one security update to the iPhone, and I expect them to release others in response to such reports. This is how it's supposed to work.
That's not to say there won't ever be a real-world exploit; there's not a single computing platform, that I'm aware of, that hasn't been compromised. But let's give the iPhone and Apple a chance before claiming that the iPhone "provides significant exposure to identity theft" and "might even be usable as a vehicle to compromise desktop Macs or PCs."

[rmm]

Quote:

---

My point is simply that as much FUD has been thrown around about the iPhone's "lack of security," the only actual exploits are stuff like the one you noted -- security researchers discovering things and reporting it to Apple. Apple has already released one security update to the iPhone, and I expect them to release others in response to such reports. This is how it's supposed to work.
That's not to say there won't ever be a real-world exploit; there's not a single computing platform, that I'm aware of, that hasn't been compromised. But let's give the iPhone and Apple a chance before claiming that the iPhone "provides significant exposure to identity theft" and "might even be usable as a vehicle to compromise desktop Macs or PCs."

---

Actually, how it's supposed to work is that design is engineered in properly from the start. The thing about quality is that it's 100 times easier to prevent defects from occurring in the first place than it is to remove them.
"FUD" is what I expect competitors and Apple bashers to leak about the iPhone. When someone gets up in front of an audience and demonstrates a hole big enough to drive a truck through, you've left FUD behind.
As columnists and technical advisers ("gurus"), you should be looking critically at products, so it would have been appropriate to raise the issue of security along with the 20 "wouldn't it be nice" features. But maybe I'm expecting MacWorld to act too much like Consumer Reports.

[griffman]

Since it was a list of things to change based on our iPhone experiences, and none of us have had a security issue with the iPhone, it's hardly surprising it didn't come up. Keep in mind this wasn't a review or investigative journalism piece; it was a number of editors thoughts about how the iPhone could be improved, based on our 30 days of hands-on time.
As someone else noted, every device that does anything even remotely useful is probably hackable to some degree. Apple has patched the large hole that was demonstrated at Black Hat, but I'm sure there are others. And even if you have a 100% non-hackable device, the reality is that if you're taking your [insert device name here] into [insert caf name here] and using their [insert free wireless network name here] to connect to the internet, you are taking a lot of risks, even if your device itself is non-hackable.
-rob.

[rmm]

Quote:

---

Since it was a list of things to change based on our iPhone experiences, and none of us have had a security issue with the iPhone, it's hardly surprising it didn't come up. Keep in mind this wasn't a review or investigative journalism piece; it was a number of editors thoughts about how the iPhone could be improved, based on our 30 days of hands-on time.
...
-rob.

---

In that case, I'll be looking forward to the more critical article in the next issue of MacWorld.

[Dan Frakes]

Quote:

---

Actually, how it's supposed to work is that design is engineered in properly from the start. The thing about quality is that it's 100 times easier to prevent defects from occurring in the first place than it is to remove them.

---

Look, you're misconstruing what I'm saying here. I'm not arguing that security isn't important. Nor am I saying that the iPhone couldn't potentially have been more secure out of the gate. What I am saying is that I don't think the situation is as bad as you're making it out to be, and that -- based on a very quick rollout of a security update -- it appears that Apple is taking iPhone security seriously.

Quote:

---

As columnists and technical advisers ("gurus"), you should be looking critically at products

---

I think it's fair to say that we've looked critically at the iPhone. But we've focused on features and usability.

Quote:

---

so it would have been appropriate to raise the issue of security along with the 20 "wouldn't it be nice" features.

---

As Rob just pointed out -- and I've pointed out several times in this thread -- this was an article about our personal wishes for features/changes based on using the iPhone for a month. If it was an article on "things that must happen for the iPhone to be taken seriously by IT people," it would have included full Exchange support, better VPN support, ongoing security vigilance, and many other things /forums/ubbthreads/images/graemlins/wink.gif

Quote:

---

In that case, I'll be looking forward to the more critical article in the next issue of MacWorld.

---

If you're interested, we've published several articles about iPhone security:
http://www.macworld....nemod/index.php
http://www.macworld....ehack/index.php
http://www.macworld....ialer/index.php
http://www.macworld....pdate/index.php
http://www.macworld....urity/index.php

[rmm]

In the context of "wish lists" I have no problem with the article. Our priorities are a little different. You're looking at the user-oriented features, I'm looking at the total product, not just its surface, but its underpinnings. It can be the slickest thing going - probably is - but if someone can steal my address list and other goodies, I can't use it. Nor can I advise my clients to use it, at least not without giving them a heads-up. What they do after that is up to them, I'm their advisor, not their father. However, if I were still in the corporate world, I'd be looking at it very closely before giving any approval for its use.
In my mind, any article on a product like this, even a wish list, should include the caveats. Not all of your readers will have read, or fully comprehended, the list of articles you cited. If they haven't been bitten, they'll blissfully assume they are immune. But many readers will jump on an article like this one, nod their heads approvingly and wait for the fulfillment of your wishes.

[macworf]

Looking beyond fixes for the iPhone, what about extending Apples telephone product line to include home and/or office phone systems that integrates with the iPhone, your .Mac account and the internet?? Cordless phones on the new Apple phone system would need to have better range than current phones, menus that make sense, and an elegant Apple user interface that makes me love using it. It could tie into an Airport network and Skype for free internet long distance phone calls. For people who don't want a land line and just want to use their cell phone for home phone calls, you put your iPhone in a dock when your at home. The dock connects your home phone system, that consists of both corded and cordless phones, to your AT&T iphone account and all calls are routed through it. The home phone system would sync with Address Book (just like the iPhone) for phone numbers and connect to iChat for AIMs and voice chat. Anyone in the world on your ichat buddy list could ring you up for a voice chat using an intercom function on your telephone. Choose to be available or not just like with iChat. Voice mail could sync with your .Mac account and be accessible from any computer with internet access. Voice mail would be run by Phone Valet or an Apple application like it.
A cordless home phone system is something most people have, is something that is not being done that well by existing electronics companies, and would dovetail nicely with a computer network. Most cordless phone systems don't have enough power and fade out when when you get too far from the base station. There are a couple of systems that have stronger signals with great reception, but they are rare. Bang and Olufsen has a great cordless phone with an AWSOME user interface, but EACH handset is like, about $700! Just like home entertainment systems are becoming integrated with computers, and phones are being integrated with MP3 players, cameras and PDAs into one device, so too will telephone systems become integrated into computers and computer/internet networks. The iPhone integration into computers and the internet can't stop with a cell phone, it needs to continue into home and office based phone systems! Apple needs to be on the leading edge of that one just like it was with the ipod and iPhone and lead the way. So please, Apple, go deeper into the consumer electronics market and give us the best phone system with a revolutionary interface that bridges the gap between home phones and computers and the internet! R. Hullet

[newyorkrebel]

I agree with all of your suggestions of essentials for things we'd like to add to the iPhone and probably a dozen more can be added, but the important thing to remember, and to stay focused on is the iPhone is currently the BEST available cell phone on the market.
Other phones can do things that the iPhone can't do, which explains the need for wish lists like yours, mine and ours, but the most important thing to remember and share with the outside world is that for all that the iPhone doesn't do, when it does do something, it does it better than any other phone out there.
It's a first generation product, and well worth our support in its current format, despite the lack of storage capability, too small hard drive, no bluetooth music sharing, etc., etc., the list goes on and on.
The important thing to focus on is what it does WELL, not what it does NOT do at all ...

[Team_Louish_com]

If you want to delete all your messages in the Mail program or mark them as read, You can if you configure your account as an IMAP account then on your PC mark all messages as read or delete them all. I wrote an article on how to do this. This work for all Gmail Accounts, Google Apps for your domain, etc..
http://www.louish.com/2007/08/

[griffman]

You miss the point: the iPhone needs a fast way to delete email. If you can bring a computer into the picture, sure, it's easy. But if you're connected to a Mac anyway, just access the account in Mail, select all, and hit delete. Next time your iPhone checks your IMAP email, all those messages will be gone.
But the issue remains: if you're nowhere near a Mac and need to delete 200 spams, it's a painful, slow, and repetitive process.
-rob.