Hacker News new | comments | show | ask | jobs | submit login

Apple will want to rapidly patch this either way. They still see it as a large security flaw, even if it needs a physical connection, and they hate jailbreaking.

4.2.1 is still vulnerable to a remote safari exploit, capable of gaining root. There's no way for iPhone 3G users to update past that point. They don't care about security.

Do you mean the JailbreakMe web-based exploits? JailbreakMe is not available for iOS 4.2.1. It's available for 3.1.2-4.0.1 and 4.3-4.3.3 - see http://en.wikipedia.org/wiki/JailbreakMe#Compatible_iOS_vers... for details.

Yeah, but there's nothing stopping someone from porting JailbreakMe to 4.2.1 — it already works on 4.2.8 for the Verizon iPhone 4, and the other versions are similar enough. The hardest part would be the CPU (armv6 vs armv7), but it's clearly possible.

To be clear, you're arguing that [Apple doesn't show adequate concern] about (a theoretical) security (risk to a handset that was discontinued 2 years, 8 months ago)?

A proven exploit that is publicly known, on a device that millions of people still browse the web with daily. Just because it is discontinued doesn't mean that it doesn't exist anymore.

3 years should not be the lifecycle of a highly advanced device costing many hundreds of dollars. That is utterly insane.

Well hon, welcome to the mobile industry. Here's your complimentary chalice of mercury.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact