We brought you news of the iPhone 1.0.1 update last night, but for the detail-oriented among us, here’s what the new software brings to your favorite three, three, three devices in one.
Five, count ‘em, security fixes, all of which have to do with the iPhone’s web connection. Two of them resolve issues in Safari itself, preventing cross-site scripting attacks and maliciously crafted web pages that could let an attacker run arbitrary code on the phone. The latter is credited to Independent Security Evaluators, who you may remember announced that they would be demoing the security vulnerability they had found this week at the Black Hat conference.
The three remaining bugs fix problems in WebKit and WebCore, underlying technologies that help power Safari. Two prevent maliciously crafted websites from doing nasty things to your phone, while the third makes it harder for sneaky websites to appear legit.
Does this mean the iPhone security is watertight? Unfortunately, no: there are always more bugs to be found. However, for those who have taken the time to install the update, you can rest assured that surfing on your iPhone is safer than it was yesterday.
Somehow I doubt I am in any danger. I trust your domain, and only visit domains that I have a legitimate reason to visit. My bank. Newsgator. Legit news sites (CNN, FOX, and their subsidiaries). Wikipedia. When you start doing searches for the latest game cheat codes, then you have to begin worrying about the integrity of that domain. Or the latest "warez." Or illegal movies and music. Or maybe some myspace (or the like) surfing, which I have never been to and don't as a rule. I don't even view my friends or family members "freely" hosted web sites of that nature. The most risk I'll ever take is clicking on links to off-site original stories that you guys provide in your articles.