Apple plugs loopholes with security updates in iPhone OS 3.1
According to The Unofficial Apple Weblog, the iPhone and iPod touch upgrade released this week now enforces server-side encryption of Microsoft Exchange, which disables access for all non-iPhone 3GS devices. That means that older iPhones and the iPod touch, which do not have encryption support, cannot access Exchange services.
"While many are reacting to this issue as though it's a bug, and are reporting it as such, the reality is that the Exchange encryption requirement is a feature and the fact that it was not being correctly enforced was actually a security hole," the report states. "IT administrators with Exchange 2007 SP1 servers and iPhone clients are probably going to be fielding an above-average level of incoming questions, but at least they can rest easy knowing that Exchange encryption is now working correctly. Cold comfort for their users, though."
With the operating system upgrade, affected users will see the notice "Policy Requirement - The account... requires encryption which is not supported on this iPhone/iPod." For now, the only workaround is to upgrade to the iPhone 3GS or disable server-side encryption to allow access.
While the iPhone 2.0 software brought business-class e-mail access via Microsoft Exchange ActiveSync right out of the box with the iPhone 3G, Exchange encryption was not supported until the iPhone 3GS debuted.
In another change with the latest iPhone upgrade, a simple tethering hack that worked in version 3.0 was disabled. Previously, users were able to enable the feature in the iPhone's software by flashing the firmware.
According to CNet, the 3.1 update has removed the tethering option under the device's Network settings. However, some have reported, with various versions of the AT&T carrier file, that the hack is still operating.
While AT&T is set to enable multimedia messaging on the iPhone 3G and iPhone 3GS on Sept. 25, official tethering between the handset and a computer has only been given an "in the future" release date thus far.