Apple Says iPhone Jailbreaking Could Hurt Cell Towers

AHuxley writes "Apple suggests that the nation's cellphone networks could be open to 'potentially catastrophic' cyberattacks by iPhone-using hackers at home and abroad if iPhone owners are permitted to legally jailbreak their wireless devices. The Copyright Office is currently considering a request by the Electronic Frontier Foundation to legalize the widespread practice of jailbreaking. Apple has responded to the request by saying that if the 'baseband processor' software — which enables a connection to cell phone towers — is exposed, then a user could crash the tower software, or use the Exclusive Chip Identification number to make calls anonymously. Apple also thinks its closed business model is what made the iPhone a success. The Vodafone scandal from a few years back showed how a network could be compromised, but that was from within. So, what do you think? Is Apple playing the 'evil genius' hacker card or can 'anyone' with a smartphone and a genius friend pop a US cell tower?"

Wow

[binarylarry]

Even Microsoft isn't this stupid... yet anyway.

I've been avoiding Apple products due to their control issues, but this is just ridiculous.

BS

[jvillain]

Ya bad people won't look for flaws in the system if only Apple can keep people tied to their contracts. I'm having a hard time seeing the logic.

THE TERR'STS!

[a whoabot]

Apple has picked up one from the playbook of the Bush Administration.

This is worrying...

[91degrees]

We should ban the sale of iPhones with this potentially dangerous bug until Apple can fix it, either by providing unlocked iPhones, or without this being handled by the iHpone's locking mechanism.

hmm...

[aldousd666]

Don't ALL cell phones, even that aren't iphones, especially those which have the capability to install software on them, have this same problem?

This seems like the equivalent of saying 'If you are allowed to install software on your PC you might bring down your ISP's entire network."

Re:Wow

[Anonymous Coward]

*facepalm* Apple. God damn...

If we outlaw cracking iPhones

[sys.stdout.write]

then only outlaws will own cracked iPhones!

Seriously - if you're going to do an illegal activity (hacking) anyway, then making another activity (jailbreaking) illegal isn't going to deter you.

I suppose nobody's missed the obvious

[dzym]

If somebody's going to try to "pop" a cell tower they're certainly not going to care if step 1 of the process was legal or not.

FUD

[jackb_guppy]

Apple is just trying to bad monopolist and keep the cash rolling in. Next it would not have a lock on apps, hence anyone can load what they want as service (background) - so Skype or Google app can vut the phone use costs.

Re:Ignorance is bliss

[Anonymous Coward]

As I'm replying to you, there's 3 posts in the thread. All of them are against Apple's stance on this. Obviously Apple gets a free pass on this site.

Ya, right

[HeLLFiRe1151]

If a person is going to commit a felony "cyberattacks", why the hell would they worry about the legality of jailbreaking? It's like armed bank robbers worrying that they're fully automatic rifle isn't legal.

The protect the baseband processor only

[noidentity]

Instead of locking the whole thing down, just lock down the baseband processor. That way people who want to run their own apps can do so without having to jailbreak anything, and the baseband processor won't have any attention given to it. But of course this would still be a problem with AT&T, who provides the connectivity.

Oh please...

[Drakin020]

If these towers could be brought down from a user who jailbroke his iPhone, then it would have happened already.

No hacker is going to say "Oh well I guess I can't bring down this series of towers, ATT/Apple said it's not legal. Darn..."

This is the lamest excuse I've heard yet...

Total crap

[Viol8]

It would be like saying that allowing PC/Mac programmers to use the IP sockets API will let them crash their local router.

Give us a break Apple, you're coming across as more and more control freaks and foolish every week.

Yet another nonsensical response.

[getclear]

We all know the deal. If I wanted to compromise said cellular network, I could use the current published, freely, and openly available jailbreaking techniques. If they legalize jailbreaking of the phones, it is not going to legalize hacking cellphone towers, so the people that are going to do it are already trying. This is just a another preemptive strike by Apple. They are going to lose credibility, because too much press in a short ammount of time for a company can be just as bad as flying under the wire. I think it is time they slip back into the ether and keep quiet for a few weeks.

Other smartphones?

[FTWinston]

There are other smartphones on the market, you know. And the rest of them aren't limited to apple's draconian app store submission process.

Surely such a hacker could just use another smartphone platform? Seems like a last-ditch attempt to justify their control-freakery.

Let me get this straight

[jeffmeden]

In order for the towers to be protected, there must be a *law* against jailbreaking (a practice that is currently perfectly feasible, just questionably legal). Will the law, sensing a helpless tower is in danger, jump off the page and stop the evil hacker from using his jailbroken phone to expose flaws in the upstream hardware/software, and save the day?

Even if this is true, legislation is clearly NOT the way to go here. Either they are giving away too many secrets just by having easily exploited hardware/software in consumers hands, or they are running woefully unprotected towers (or both). In any case, a law against it isn't going to do a whole lot except speed the prosecution of said 'evil hacker' who would already be breaking numerous laws anyway.

Protecting Profit Margins

[Foofoobar]

Apples isn't so much worried about hacking as it's a possibility with any smartphone. It's worried more about it's profit margin with exclusive contracts; this allows them to take a percentage of the contracts rather while undercutting the price of their devices. If they were to lose this exclusivity, they would either have to raise the price of their devices again or accept that their profit margins have been cut... and that is the real thing they are arguing against.

To be, or not to be

[scout-247]

The ability to make anonymous phone calls shouldn't be seen as such an evil.

Ummm...

[mhkohne]

If jailbroken iPhones can hurt cell towers, then it's already too late, because there are already jailbroken iPhones. So how does making jailbreaks illegal help this problem? It doesn't.

Keep in mind

[bferrell]

ATT and the old bell system made the argument that phones they didn't make (and rent/lease to subscribers) would harm the network. It took the carterphone decision to make THAT lie go away

Re:Wow

[sakdoctor]

Why single out Apple products. The whole concept of a "smart phone" is ingsoc lies.

A phone is the piece of tech that you can never really own. Many people accept this and take the "free" phone, and pay the high monthly rental.
The built in obsolescence has got to be one of the worst in the industry.

MP3 player, calendar, organiser, GPS, ebook reader, camera, bomb, those can all converge as much as they like. Just not with anything that needs a SIM card.

Re:Think of the towers

[YayaY]

Security by obscurity does not get you very far. If the cell tower software is so fragile, it needs to be secured correctly.

Re:Oh please...

[geekoid]

"If these towers could be brought down from a user who jailbroke his iPhone, then it would have happened already."

That, my friend, is a logical fallacy. Right up there with; "If it's doable, then it's already been done."

Re:hmm...

[Sockatume]

So what Apple really wants, is to save us all from cellular catastrophe by locking us to AT&T and O2? The network that can't make MMS work and the network that lost a sizable chunk of its coverage because of a single, trivial fire last week? It's like saying you'll protect me from corruption by securing the jobs of MPs.

Re:I suppose nobody's missed the obvious

[ajs]

To be fair, their comments are probably being taken radically out of context, here. They likely gave a laundry-list of reasons that they think jailbreaking should not be allowed by the FCC. Now, we might disagree with their rationale (I do), but Slashdot does tend to sensationalize whatever is the most likely headline to get a geek's attention.

As others have pointed out baseband software isn't typically touched when jailbreaking an iPhone, so this argument would appear to be more of a "the path we're on" sort of thing, rather than a statement about what jailbreaking will cause directly.

Play the fear card

[Smegly]

Play the fear card whenever you want your political way...

Re:Think of the towers

[Joce640k]

Maybe they have a problem with backwards compatibility and can't just replace all the software without breaking all the handsets out there.

Re:Think of the towers

[fuzzyfuzzyfungus]

Worse, trusting the client is always an idiotic plan. Even if it isn't iSteve's precious baby, there will always be some phone(s) were the evil unauthorized users have access to the baseband(if nothing else, the people who design phones have to have the baseband interface specs, and I'm sure that sort of thing gets lost/dumpster dived/hacked/inside-jobbed from time to time). Solving cell tower security issues by trying to lock every handset would be like trying to make the internet safe by making Symantec Endpoint Security mandatory for all devices with public IPs.

This is just Apple wrapping themselves in the "Security" blanket to get what they want. Should we expect a series of PSAs about how iPhone jailbreaking aids the terrorists?

Re:Ignorance is bliss

[Ghostworks]

They're not really playing to the ignorance of their base, as it's not their base that they're trying to convince. They're trying to convince the Copyright Office, which is almost as bad because they cannot be reasonably expected to understand the intricacies of cellular network technology. That burden lies with the network operators and the FCC. As for the question of whether jailbreaking is good policy from a copyright perspective, the Copyright Office shouldn't care much about potential network problems.

Now from a technical perspective: AT&T is a GSM/EDGE/UTMS network. If the iPhone is supposed to work on their network, it conforms to those international, well-vetted standards. (An part of those standards is the use of a SIM card specifically so a user can separate the handset from the network.) There shouldn't be anything that an iPhone can do on their network that any other cell modem couldn't do. TFA isn't coming up for me, so I'm not sure what Apple's specific claims are, but I have a hard time imagining that AT&T gave them some unique, magic software key to a very well-defined tower structure.

Re:Think of the towers

[gnick]

Should we expect a series of PSAs about how iPhone jailbreaking aids the terrorists?

Might not be as far off as you think. "...could...use the Exclusive Chip Identification number to make calls anonymously." sounds like a good set-up for that kind of approach.

Re:BS

[Chabil Ha']

Not only that, but if it really is such a big problem, then fix the cell architecture. The thing I find truly laughable is the justification that a drug dealer could use this to make anonymous calls/data transfer/whatever. The whole point of this discussion is to give *legitimate, honest citizens* the right to modify their phones. Do you think the drug dealer is worried about whether or not it is legal or not? He's already breaking the law in trafficking drugs, what's running the Pwnage tool going to hurt???

They're just pissed that the consumer wants to legitimize what should already be their right--to modify *their* purchased device for their own personal uses!

Re:Think of the towers

[TheSpoom]

If you were a giant company making shit-tons of money for lazy coding, would you pay for the security changes, or would you do the much cheaper and simpler option of passing legislation that makes breaking your crappy code illegal?

Remember, they've already bought the congresspersons and senators needed.

Re:Think of the towers

[mini me]

If the software is vulnerable, it is vulnerable with or without a jailbroken iPhone. Even confiscating every single iPhone in existence will not stop someone from taking advantage of the vulnerabilities, if they are so inclined.

Re:Wow

[jpmorgan]

What Apple is saying is wrong. Everybody with any knowledge of the system knows it's wrong; even if cell towers were susceptible, jailbreaking doesn't touch the baseband software on the phone. Yet they make the claim anyway, knowing it's false, presumably because they're hoping nobody involved in this process at the Copyright Office has the technical knowledge to know it's BS. Let's call this what it is: it's a lie.

Shouldn't there be some sort of consequences for just lying in a process like this? I know in courts there is perjury, for lying under oath, but what legal consequences are there for lying in this kind of situation?

Re:Think of the towers

[mini me]

Attacking a cell tower is already illegal. No additional legislation is needed here.

Where is Ma Bell when you need them....

[klubar]

The network argument was core to protecting the old Ma Bell (former/real AT&T) for many years. They used the same argument that unapproved equipment could damage the network. Now the new AT&T (and Apple) is trying the same argument about "danger" to infrastructure. Although there many have been some technical reasons for both arguments, it's really about profit.

I hope the software/hardware on the towers and switching systems is robust enough to handle rouge events. Even if there aren't jail broken phones, a motivated hacker (with some significant RF engineering background) could whip up a device that could crash the network. THe argument for closed devices is all about profit.

Re:Reluctantly agree

[Sockatume]

If Apple didn't have its hoop-jumping content-based approval process, and just approved apps based on technical safety, then there wouldn't be any need for people to hack their devices and consequently install unsecure, potentially dangerous software.

Idiotic

[tomz16]

This is IDIOTIC. How can any reasonable person possibly buy this argument.

Anyone that wants to bring down a cell phone tower or cell network IS NOT GOING TO CARE whether or not it's LEGAL to screw with the cell radio baseband software. They are ALREADY attempting to do something much worse.

Let's be honest here, the "security" aspect of this argument is a smokescreen. It's blatantly all about the profit!

Furthermore, the cellular network should NOT be so fragile that a single rogue cell phone could take it down (AFAIK it is not). BUT if AT&T is truly insistent on making this argument, then I believe a full investigation by the FCC is mandated. The self-admitted fragile state of their network means that their stewardship of a public resource (radio spectrum) is being poorly managed and truly endangering national security.

Bad Apple, no biscuit

[Thaelon]

If a single cell phone using hacked firmware can crash a cell tower, then the tower needs fixed.

This is nothing more than an attempt by Apple to retain control of and thus be able to profit more from their product to the detriment of their customers.

Bad phone design?

[Andy Dodd]

WinMo phones have been open to app developers for years, I don't see them crashing cell towers.

Similarly, people have been "cooking" custom OS image ROMs for WinMo phones for years, and I haven't heard of them crashing cell towers either.

So either the iPhone has no way of crashing cell towers if arbitrary applications are run on it, or it has a severely deficient hardware/software architecture compared to Windows Mobile in terms of security.

Re:Think of the towers

[dnahelicase]

Not that I am in any way involved in gun rights issues, but I always find it puzzling when people say "think of the children" when dealing with gun laws. Those that intend to break the law (killing someone, bring down cell networks, [fill in the blank]) don't care if it is legal or not to (own a properly licensed gun, jailbreak their iPhone, [use some other regulated too]).

Re:Think of the towers

[commodore64_love]

"When you outlaw hacking cellphones,
"then only criminals will have working phones!"

That meme doesn't quite work here, but the point is valid. Passing a law to stop people from hacking cellphones is Not going to ctop criminals from attacking towers anyway. Criminals don't give a fuck about laws.

Re:Let me get this straight

[Grizzley9]

How in what way and universe is jailbreaking "questionably legal"? It is *your* phone. How is it any different that doing anything you want with any other electronic device you own? Unless you are hacking into other networks or some such, which is understandably illegal, you are only using what you own how you want. I am saddened we the public have been moved into such a mindset.

Re:hmm...

[Sockatume]

The baseband hack is the thing they're actually arguing against, in practice. That's what their argument targets, even if they're nominally going for the necessary-but-not-sufficient step of jailbreaking. You can bet that's what they'll fall back to. In fact, it's a good rhetorical strategy: they'll decide to "meet us in the middle" with the compromise of allowing jailbreaking, but rendering baseband hacking (and thus unlocking) outlawed.

Re:Defective by design...

[Verdatum]

As other comments point out, the lock is in place on the lower level, because the baseband operations are separate from what jailbreaking gives you. The problems are inherent to the GSM spec, and are maintained thanks to backwards compatibility requirements. Anyone with a transmitter of the appropriate frequency and a computer can cause the same havoc to a GSM provider. By Apple's argument, open source phones like openmoko should be outlawed. A cellular network could be set up with measure to enforce that only approved phones and applications may run, and that is the approach of CDMA (Verizon Wireless).

What makes the iPhone special in this case?

[roc97007]

Caveat: My understanding of "jailbreaking" is that this allows people to run applications not available in the app store. IE, applications that haven't been blessed by Apple. This is different from unlocking the phone, which allows you to change carriers.

Given that, what is the difference between an iPhone running arbitrary apps and any other smartphone doing the same thing? I'm trying to get my mind around this. Is Apple saying that the fact I could install some third party app on my Treo 750 back when I had it, or can on my Blackberry now, does *not* present a threat to cell towers, but installing a non-blessed 3rd party app on the iPhone does? If so, what makes the iPhone different?

Or is it that this is a danger with all smartphones, and Apple is trying to be responsible with the platform under their control? If so, why haven't we seen widespread reports of people crashing cell towers willy-nilly with some poisonous app running on a Curve?

By this notice, is Apple saying that they have done a thorough security analysis of each and every one of the 65,000 apps available on the app store, and is offering assurance that none of these apps have the ability, say some hidden easter egg, of bringing down a cell tower? Is Apple thereby assuming liability for any cell tower damage that might incur from an app available from the app store? Apple's statement "The technological protection measures were designed into the iPhone precisely to prevent these kinds of pernicious activities, and if granted, the jailbreaking exemption would open the door to them" seems to infer an assumption of liability for non-jailbroken phones. I wonder if Apple has thought through the legal ramifications of these statements.

And finally, is Apple saying that "a local or international hacker" intent on "initiat[ing] commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data" would be stopped in his nefarious (and extremely illegal) deeds by the (mild, in comparison) legal prohibition against jailbreaking the phone?

Is that what Apple is saying? I just want to be clear on this.

Or, could the real issue be that Apple has in their contract with AT&T (as RIM does also, unfortunately) that certain capabilities [slashdot.org] will not be available through the app store that could be used to side-step carrier fees? Is it possible that this is the real issue, and the security issue is a rather weak smoke screen? Mind you, if that really is the case, then fine. It's their product, they can assume any position they want. But have the intellectual honesty to cop to it.

Re:Think of the towers

[TubeSteak]

Attacking a cell tower is already illegal. No additional legislation is needed here.

People take drugs, speed on the highway, jaywalk, run red lights, improperly dispose of hazardous wastes, etc etc etc.
Legality is almost irrelevant when the capability and desire is widespread.

Re:Think of the towers

[DoubleDownOnEleven]

And does anyone seriously believe that someone willing to launch a DoS on a cell phone tower would be deterred because the jailbreaking process isn't legal?

Re:Just another marketing ploy:

[Tony Hoyle]

You want to run software in the background?

Theres an app for.. Oh, wait.

Re:Think of the towers

[recoiledsnake]

True, this is like MS claiming allowing unauthorized applications and devices on the internet would break the ISP's or Tier 1 provider's routers and then locking up all applications with a App store raking in 30% of the cost compulsorily.

Also, from the response from Apple:

Looking at the four statutory fair use
factors,18 although the use per se of the modified iPhone bootloader and OS on an individual
handset is of a personal nature, it is not a transformative use, and because a jailbroken OS is
often used to play pirated content, the act of jailbreaking should be considered of a commercial
nature since it facilitates obtaining applications without paying fees for the them.

snip...

In sum, the value of the OS software to the iPhone, and therefore to Apple, is that it
enables the iPhone to function as a platform for the mobile computing experience that
differentiates the iPhone from its many competitors. This, in turn, increases the value of Appleâ(TM)s
iPhone copyrights and, again, overall consumer utility, making the iPhone a more attractive
product to consumers.

Huh? WTF? A jailbroken OS is often used to play pirated content? Apple keeps rejecting(censoring?) useful apps that developers and companies have spent lots of time and money on for silly reasons such as political content, duplication of functionality, mature content etc. The real reason is not piracy, it's because Apple wants to keep that 30% cut of all apps sold and control all the content while at the same time not angering AT&T with their approved Apps to keep the ~$17/month that Apple gets paid for each iPhone customer.

Is this what Apple calls the platform for the mobile computing experience? And there are a bunch of people including Jobs calling the iPod touch the equivalent of a netbook. http://www.osnews.com/story/20424/Jobs_on_Cheap_Computers_Netbooks [osnews.com] http://arstechnica.com/apple/news/2009/01/the-iphone-and-ipod-touch-apples-netbook.ars [arstechnica.com] Please, no thanks.Do not pervert the word computer to mean a walled garden. Call it a phone, gaming console, e-book reader etc. if you wish. This makes the evil MS look like defenders of freedom in shining armor. God forbid if a company like Apple won the PC wars back in the 80s instead of IBM/PC compatibles. *shudder*

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Think of the towers

[Anonymous Coward]

Security by obscurity does not get you very far. If the cell tower software is so fragile, it needs to be secured correctly.

This current lie by Apple is an almost textbook definition of FUD. Since people have been jailbreaking the iPhone for at least a year now, you think there would have been al least ONE incident like those described.