This week's sponsor

Textastic

The Code Editor for Your iPad and iPhone


iOS 4 Fixes Over 60 Security Issues

Apple has posted a new support document online, describing all the security vulnerabilities they have addressed with the release of iOS 4.

There are over 60 fixed security issues (64 to be exact) and most of them are about Webkit and Safari implementation in iOS’ Webkit, as Macrumors first noticed. But there are other fixes as well:

“One issue addressed in iOS 4 involves the ability of third-party applications to access a user’s photo library, indirectly allowing the applications to infer a user’s location without explicit authorization via the geolocation information. iOS 4 addresses the issue by modifying the Application Sandbox to prevent direct access to the photo library.

Four of the fixed vulnerabilities affect the operating system’s ImageIO framework and could have allowed maliciously crafted BMP, TIFF or JPEG images to lead to security breaches. iOS 4 also addresses a pair of flaws in the Passcode Lock system in which remote locking via MobileMe could result in the password already being entered at the next unlock or unauthorized pairing of a locked device to a computer could occur soon after initial booting following a shutdown in an unlocked state.”

It’ll be interesting to see how iOS 4 will hold up against hackers at next year’s Pwn2Own.

Unlock MacStories Extras

Club MacStories offers exclusive access to extra MacStories content, delivered every week; it’s also a way to support us directly.

Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. It’ll also give you access to advanced iOS shortcuts, tips and tricks, and lots more.

Starting at $5/month, with an annual option available.

Join the Club.

A Club MacStories membership includes:

  • MacStories Weekly newsletter, delivered every week on Friday with app collections, tips, iOS workflows, and more;
  • MacStories Unplugged podcast, published monthly with discussions on what we’re working on and more;
  • Monthly Log newsletter, delivered once every month with behind-the-scenes stories, app notes, personal journals, and more;
  • Access to occasional giveaways, discounts, and free downloads.