Apple Blue LogoOn Thursday at the Black Hack conference in Las Vegas the security researchers, Charlie Miller and Collin Mulliner, demonstrated a SMS security vulnerability that exists in the iPhone, Android based mobile phones, and Windows Mobile phones. The attack involves simply receiving a series of malformed SMS from a hacker, just receiving these SMS will cause the targeted mobile phone to either crash or worst taken over by the attacker. The latter is possible with the iPhone.

When the attacker takes over the iPhone they can make calls, visit web sites, turn on the camera and most of all forward the SMS to people in the iPhone's Contact list.

The security researchers informed Apple, Google and Microsoft of the vulnerability about a month ago. At that time, they told these companies that the SMS security vulnerability will be the topic of their speech at the Back Hack conference in Las Vegas. After Google was informed they released a fix to Android. The researchers did not hear from Apple.

This morning Apple released iPhone firmware 3.0.1, which they claim has included the fix for the reported SMS security vulnerability. As of now Microsoft is still investigating the vulnerability in Windows Mobile.

For all iPhone users who had jailbroken their iPhone, please be warned that this update will most like like undo the jailbreak. For iPhone users who had unlocked their iPhones, thus far there are no official news from iPhone Dev Team, if the iPhone firmware 3.0.1 will cause the iPhone to be still unlock-able. One thing we do know is that iPhone firmware 3.0.1 does not upgrade the baseband of the iPhone, so in theory it should still be unlockable with the software from iPhone Dev Team.

[Update: August 1, 2009] iPhone Dev Team just released an official message confirming that the iPhone firmware 3.0.1 is safe for iPhones, and the upgraded iPhone still can be jailbroken and SIM unlock. Please read the message from iPhone Dev Team for instructions on how to do so.

iPhone Firmware 3.0 Numerous improvements to the iPhone SDK was announced. This included enablement of peer-to-peer connectivity no prior pairing required so two iPhone can talk to each other without prior setup, Streaming audio and video over HTTP, Data detectors, built in VoIP API, and more. Push notification finally arrives for developers to add to their applications.

The hotly rumored and confirmed by Kevin Rose's source last week, Cut Copy & Paste was demoed at the event. During the demo, Apple's Scott Forstall, SVP iPhone Software, also included multiple selection of photos in the Photo app for sending them in an email.

Landscape mode keyboard will now be available in all Apple applications and will be available to developers to enable in their own application.

Finally, no more Jailbreaking to get the ability to delete or forward individual SMS messages. These features are now built into the new Messaging application. Audio files and contact cards can be sent via the new Messaging application.

There is a cross application search feature to search in the Mail, Contacts, Calendar and Notes applications, it is OS X Spotlight feature for the iPhone. If a result is not found among the local application, it will hit the server for possible results.

Finally, you do not have to worry about loosing your Notes stored on your iPhone, the new iPhone software will synchronize the Notes content with the Mac and Windows computer via iTunes.

Auto login for WiFi hotspots is built-in. So will this see the end to Devicescape's "Easy Wi-Fi" and 3rd party application like "Seremgeti"?

Stereo Bluetooth (A2DP) is now available in the new iPhone software but still does not include the other Bluetooth services in the Bluetooth standard.

For the end-users we will have to wait until this Summer. As this new firmware and SDK is only available in beta form to developers in the iPhone Developers Program. The upgrade will be free to iPhone 3G owners. Again iPod Touch users will have to pay USD9.95 for the firmware 3.0 upgrade.