Apple: iPhone jailbreaking could knock out transmission towers

Unauthorized changes to the iPhone's software could allow denial-of-service attacks or free phone calls, warns Apple

Apple has told the U.S. Copyright Office that modifying the iPhone's operating system could crash a mobile phone network's transmission towers or allow people to avoid paying for phone calls.

The claims are Apple's contribution to the Copyright Office's regular review of the U.S. Digital Millennium Copyright Act (DMCA), a law that forbids the circumvention of copy control mechanisms.

[ The InfoWorld Test Center examines iPhone development tools that work the way you do. ]

Apple says that modification of the phone's software, a process known as jailbreaking, could lead to major network disruptions. Jailbreaking gets around the copyright control features that prohibit, for example, the installation of applications unapproved by Apple.

Apple's arguments, filed June 23, seek to rebut a request to the agency by the digital rights group Electronic Frontier Foundation (EFF) that modifications to the iPhone's software do not violate the DMCA and should be allowed.

The U.S. Copyright Office holds hearings every three years to consider requests to make exceptions to the nation's copyright law.

Jailbreaking continues to be popular with iPhone users, who can also then use their devices on the networks of operators who have not signed distribution deals with Apple.

Apple argues that the practice constitutes copyright infringement. No one has been prosecuted for jailbreaking, although Apple discourages it.

Apple's latest filing describes potentially severe technical problems operators could face with jailbroken phones.

Since the OS code is accessible on a jailbroken phone, Apple said it would be possible to reprogram one to gain access to the phone's BBP (baseband processor), which controls the connection to the operator's network.

"Because jailbreaking makes hacking of the BPP software much easier, jailbreaking affords an avenue for hackers to accomplish a number of undesirable things on the network," the filing said.

By gaining access to the BPP, hackers could change the phone's ECID (exclusive chip identification), which identifies a phone to the transmission towers, Apple said.

"With access to the BBP via jailbreaking, hackers may be able to change the ECID, which in turn can enable phone calls to be made anonymously (this would be desirable to drug dealers, for example) or charges for the calls to be avoided," Apple said.

While some of Apple's claims may be true, network operators rely on a separate identifier, contained in the phone's SIM (Subscriber Identity Module), to distinguish between customers for billing and authentication purposes.

Apple went on to say that if several phones were modified to have the same ECID, it could cause a transmission tower to malfunction or kick phones off the network. Also, operator limits on data transmission could be circumvented, allowing a hacker to conduct a denial-of-service attack and crash the tower.

"In short, taking control of the BPP software would be much the equivalent of getting inside the firewall of a corporate computer -- to potentially catastrophic result," Apple said.

Technical considerations aside, the EFF has argued that Apple's lock on the iPhone is unmerited from a copyright protection perspective and aims to "suppress competition from independent iPhone application vendors."

The Copyright Office is expected to make a decision in the case later this year.