Then one should expect Apple to patch this vulnerability more or less immediately, which will break the jailbroken phones, so everybody will bitch about that, too, right?
My take on the bitching: Too freakin' bad, boo hoo. Apple should fix this hole posthaste, and if it bricks a bunch of phones, that's a damn shame. Whether or not the Librarian of Congress says that jailbreaking is legal, Apple has no responsibility to support (i.e. not brick) the jailbroken phones, since that clearly voids the warranty.
If I were Apple I'd be pretty pissed off about now, and itching to correct the flaw that allowed this hack.
If you have a jailbroken phone, you should have enough savvy to avoid doing any Apple updates until you know how it will effect your phone.
If you do want to go back to a non-jailbroken phone, it is a simple as doing a full restore. Then you can update to the newest firmware without any issues. I’ve done that in the past.
Non-tech people should stick to the default firmware and avoid playing with dodgy stuff.
Yep. This is a HUGE hole, allowing unrestricted code execution at root level. The kind of vulnerability that many here have claimed over and over can never happen on any Apple device. It's impossible, it's invulnerable, and anyone stating anything opposite was a liar and simply creating FUD.
And now we find that just visiting a website can compromise your entire iOS device at the root level.
Apple should have this hole closed today. Anything longer than that shows they really do NOT care about security. This is about the worst hole you could have in a MID (Mobile Internet Device).
Whether or not the Librarian of Congress says that jailbreaking is legal, Apple has no responsibility to support (i.e. not brick) the jailbroken phones, since that clearly voids the warranty.
I fully agree, and I don't think anyone is saying anything differently. The big change was that Apple can no longer come after you for jailbreaking your phone. But if you do, you're responsible for what happens.
If I were Apple I'd be pretty pissed off about now, and itching to correct the flaw that allowed this hack.
What's interesting - the hole exists in the PDF reader. The reader that APPLE wrote, since they deemed Adobe's reader as "too vulnerable" (and not so surprisingly, the Adobe Reader does not have this vulnerability). This is 100% on Apple's head, they created the hole, it's been distributed for at least 2.5 years, and there is NO WAY of knowing if it's ever been exploited, since any exploit can cover its tracks.
So much for the vaunted invulnerability of iOS!