iOS 4.3.1 Update is not Perfect: Pwn2Own bug still there
iOS 4.3.1 Update is Not Perfect. The iOS 4.3.1 was certainly an improvement of the slightly older iOS 4.3. However, do not cheer up with joy. The improvements were so smalls that many users could tell what was better. Some users, a small minority, have after the update a smoother OS, for performing certain tasks, but in general, the iOS 4.3.1 is just a couple of patches.
Despite Apple’s zeal for delivering the best, polished products (both in design and technically), sometimes a couple of flaws go unnoticed into their products and did not get corrected with this firmware update.
Pwn2Own might sound as the name of a fictional robot for many, but it is a hacking contest, which, among other things, test harshly Apple devices for security flaws, for jailbreak, and for compatibility with other devices, among other things. One of the bugs discovered there was in the Safari mobile browser. This is important because it is a security issue. A talented hacker could access your Address book through this bug, so it’s a real threat for most users, who are very security minded. A concrete case of some user who got his data stolen is still not known, so, perhaps it is necessary indeed a talented hacker under the most appropriate conditions to get hold of this data.
The amazing thing is that it was patched in the 10.6.7 update for OS X, but not in the iPhone iOS 4.3.1 version. Technically, it shouldn’t be a problem to have it updated in the iOS 4.3.x too. One of the main reasons that moved Apple to not patch this bug, was probably that it has not seen it or deemed it not to be very important. This bugs makes the iPhone easier to jailbreak, which is a main concern for Apple, a company which uses all its means to stop users from doing that.
On a side note, it is necessary to say that the bug itself does not help jailbreak per se. It just makes it easier to jailbreak, and hackers have exploited it and will continue to exploit it. An untethered jailbreak for the iOS 4.3.x is still just an expected desire of many users (an tethered version has been around since a while).
Maybe, it gets corrected in the next IOS 4.3.2 version. Just get tuned for more news.