Today's menu: Podcaster, Pwnage and iPhone security

On today's menu is a trio of comments regarding recent news items:

Podcaster and Apple's "success"

Yesterday, the Observer reported that "Apple has rejected an iPhone app, Podcaster, on the basis that it duplicates the functionality of the Podcast section of iTunes. The author is greatly annoyed, as are some other developers and observers. Apple might even be on shaky legal grounds."

It was just a few days earlier that I had expressed my concerns about the potential downsides of Apple becoming "too successful." One of my concerns was that "you can't download any third-party software {from the App Store} for your iPhone or touch unless Apple first approves the software."

The problem here is that Apple's basis for approval may simply derive from its own self-interest. This Podcaster controversy is a perfect example of how Apple's tight rein can wind up at odds with consumers' and developers' interests. Apple should not be blocking an application such as Podcaster simply because they view it as competition, especially so when the guidelines to developers do not clearly state this as a prohibition.

PwnageTool 2.1: That didn't take long

PwnageTool is a utility for jailbreaking an iPhone or iPod touch. Last week, the Observer reported that "that iTunes 8 included changes that...combat...the PwnageTool exploit." The developers of PwnageTool claimed that they would soon be able to work around these changes. They have already done so, and without having to patch iTunes (something they feared might have been necessary). I can confirm that the newest versions of PwnageTool and QuickPwn can successfully jailbreak devices running Apple's latest 2.1 updates and syncing with iTunes 8.

At this point, I simply don't understand why Apple continues to waste its time and resources on this cat-and-mouse game. Nevermind that they keep losing the battle. Why even bother? They've already made it clear that you jailbreak an iPhone at your own risk, voiding your warranty at a minimum. If I still want to take the risk, so I can run Terminal or OpenSSH (or whatever) on my iPhone, why should Apple interfere? If Apple simply let jailbreakers play in their own sandbox, without trying to stop them, it would be better for both sides.

Breaking into an iPhone

Last week, the Observer, citing Jonathan Zdziarski, noted that the "iPhone takes its own screen shots as an internal programming aid." They are created to allow the zooming effect when opening or closing an app.

By itself, the screen shots are not a problem. The potential problem occurs if and when your iPhone falls into the hands of an unscrupulous hacker.

As it happens, I attended a recent Webcast where Mr. Zdziarski discussed this matter. He demonstrated how a knowledgeable user can break into an iPhone, even one that is password-protected, in a matter of minutes. It was a bit scary to see. After breaking in, the hacker can easily access the aforementioned screenshots (as they are saved to the iPhone's hard drive). Although not very likely, these screen shots could contain confidential data.

Mr. Zdziarski focused on the value of this access to law enforcement, allowing recovery of potentially incriminating evidence from suspected criminals. However, I believe Mr. Zdziarski was being a bit disingenuous here. I suspect that these techniques are much more likely to be used illegally -- on stolen iPhones.

You needn't be too concerned here. There's no risk to your iPhone as long as you maintain physical possession of it. And even if you lose your phone, it's unlikely that it will ever be subject to this sort of hacking. Still, if you keep confidential data on your iPhone, you may want to rethink this decision.