Apple’s iOS4 Update Addresses User Niggles: A First Look

Arguably, iOS 4.1 is the version that Apple should have shipped in the first place to showcase its mobile device hardware. It takes full advantage of the camera built into the iPhone 4, allows full-function use of Bluetooth headphones and brings a number of security-related fixes.

Perhaps the most useful features from a business perspective would be the enhanced photo and video functions. These include the ability to upload high-definition video to YouTube and Apple’s MobileMe service directly from iPhone 4, and a form of high dynamic range (HDR) photography.

Extra Features And Security Fixes

HDR photos on the iPhone use exposure-based auto-bracketing and are actually derived from three images. The iPhone takes the image its programming determines is best for the lighting and, with the same press of the shutter, records underexposed and overexposed versions of the image.

The goal with HDR is to avoid images that are bleached out due to too much light affecting the image sensor or, conversely, a muddy image from a low-light environment.

For iPhone 3G users, the iOS 4.1 update promises to rectify performance issues that they experienced after installing iOS 4. This improvement was confirmed by eWEEK Labs technical director Cameron Sturdevant whose iPhone 3G had become pretty much unusable after it was updated to iOS 4 earlier this year.

Other fixes address Bluetooth connectivity and the iPhone 4’s proximity sensor, which blanks the screen when the device is close to one’s face.

Consumer focus

The iOS update also has a consumer focus, bringing features related to the new iTunes 10, such as TV show rentals and the iTunes Ping social network while adding support for Apple’s forthcoming social gaming site, Game Center. Game Center will be available on the iPhone 3GS, iPhone 4 and second-generation or later versions of the iPod Touch.

This release expands support for the Bluetooth audio-video remote control profile (AVRCP). Although the volume and play/pause functions have been enabled for some time, iOS 4.1 finally supports controls for selecting next track and last track.

iOS 4.1 also contains security fixes relating to FaceTime, the VoiceOver accessibility functions and image handling.

Perhaps the most serious of the problems addressed was that privileged attackers had been able to redirect FaceTime video chats. This was addressed by improvements in certificate handling, according to Apple’s documentation.

The VoiceOver flaw derived from the location services setting panel in iOS. Prior to this release, VoiceOver would not notify users of applications that had requested the user’s location in the previous 24 hours.

The image handling issues concerned the interpretation of GIF and TIFF images by iOS. Apple has improved the bounds checking of GIFs and the way TIFFs are read.

A number of WebKit security flaws were also fixed in this release. The simplest being an inadvertent information disclosure through redirected form submissions. This stemmed from WebKit’s handling of HTTP redirects and could represent a problem even for people who are careful about which sites they visit.

The overwhelming majority of the security fixes could be triggered by a visit to a hostile website. They negate a range of vulnerabilities, such as type checking of text nodes, inline element rendering, keyboard focus and clipboard data.