The latest iOS release from Cupertino alerted me via my iPhone 5, on the evening of December 21st, 2014. I find that a bit odd, especially since it’s been out since December 9th, 2014. Possibly it’s a staggered release? For pure curiosity reasons, if you were alerted sooner, post in the comments when you were notified and your device type.
Whenever there is a new release or update I always feel compelled to checkout what’s new at KBA HT1222. There was nothing new regarding iOS security, not even a publicly documented anti-malware update. This is a small update so I decided to have a little fun comparing the duration it takes to get patched between an iPhone 5 Model MD636LL/A and iPad Air Model MD785LL/A.
This update is focused on restoring lost ringtones purchased from iTunes Store. Fortunately for me I don’t buy ringtones so I’m unaffected. If you or someone you know needs to restore their lost ringtones, they can do so by navigating to this link from the device itself. For the folks out there who like to use technology the way you want to, attempting to open that link from a non-iOS device will result in iTunes being requested to launch. At a minimum, you will be promoted for iTunes to be launched and you can cancel. Your experience may vary depending upon how you are configured. Click for yourself below.
Choosing to go further into the unknown, the locally installed iTunes app will launch revealing the image below.
For fun, I surfed to the iTunes Restore Tones link from a Samsung Tab 3 I use for testing. The page redirected to the “Download iTunes Free” download page. Not surprisingly, there is no option to install iTunes on Android. Kind of a fruitless exercise, but it didn’t take long to enter into a mobile browser to see the behavior.
I used Online-Stopwatch from the Samsung Tab 3 to get an estimated duration to apply the patch untethered. The start point was from accepting the EULA bound to pressing “Download and Install”. The patch for an iPhone running 8.1.1 is 28.2MB in size, which is not very large. I began the update prior to catching the size of the total update to iOS 8.1.2 for this phone. I believe this iPhone 5 was at iOS 8.1. The total upgrade time took roughly 11 minutes and 30 seconds over a 802.11b/g/n wireless encrypted 2.4GHz WiFi network. Traffic encryption is configured for WPA2-PSK (AES). There were 2 restarts prior to the device returning to a usable state in sleep mode. Pressing the Home button woke the iPhone 5 up but the passcode entry response time was very sluggish. Resulting in an error during entry due to the slow confirmation of the masked characters. Clearly there won’t be any noticeable UX changes for me because I don’t purchase ringtones.
Performing the same 8.1.2 update on a test iPad Air, using the same network and method as described above, took 19 minutes and 33 seconds to complete past the “Preparing Update…” status. This would feel reasonable for a patch that’s 364MB in size. The restart to update the firmware (the Apple logo on a black background) took 25 minutes and 48 seconds, according to Online-Stopwatch. The iPad Air was usable after a total of 26 minutes and 51 seconds. Passcode entry was not sluggish. Again, no UX behavior changes.
While there still are many iOS users waiting for WiFi and battery drainage issues to be resolved, at least some of you got your ringtones back. Nonetheless, applying updates to any device you own/manage is one very important part of staying secure. Call it a best practice of risk reduction. While 8.1.2 doesn’t have any publicly documented security updates, if you have the time, always lean to the side of best practices. If you don’t have the time, find a gap and work patching into your holistic device security posture maintenance routine. I don’t consider the performance results described in this article to be the best results or even to be used as a benchmark, simply the results I experienced. Your mileage my vary, especially if you are not updating from iOS 8.1.1. Please share any variances you find within the comments below. TIA!
No security, no privacy. Know security, know privacy.
I have been giving a talk on “ZeuS Command & Control for Tech Support” that whimsically uses a Trojan horse type of malware to solve commonly reported computer issues. The concept arose from regularly being asked to help friends, family and others fix their computers because I enjoy it.
There may have been a point much earlier in my career when that was true.
Time permitting, not that there is much time to spare, I still do get a warm and fuzzy feeling inside helping out friends. Family is a more complex matter, because it’s you. They know your flaws, secrets, and don’t give a fuck. “Just fix the thing!” “You’re not very patient!” “Why are you so rude!” And several other exclamatory explicatives would be apart of the typical “customer service” engagement.
I decided to share this in a blog because while on a business trip and dealing with delayed flights, resulting in missed connections, adding in a city not on the original itinerary and hours of delays due to “lovely” Chicago weather; my wonderful wife asked me to help her reboot the at&t gateway for U-verse to get back online.
Having noticed earlier in the day that the SSL VPN I run from my home, the gateway to SchwartzNet Labs, was down. I sent her a couple unanswered text messages to confirm that the unresponsive SSL VPN and Minecraft server were not on fire. Children were crying.
She eventually replied to the email I sent her on the same topic confirming…
the tubz were downz.
She called at&t where they confirmed that there was a network outage in the area due to harsh weather. She needed to reboot the router for everything to come back online. OK, simple enough.
Please keep in mind that my wife is self-admittedly “low tech.” I love her dearly and that this isn’t an insult to her, but rather a comedic tale of how even ZeuS Command & Control for Tech Support couldn’t have helped. She edited this article to her approval prior to publishing.
On this night of SchwartzNet Labs doomsday, she had to get online by midnight and of course…watch her DVR’ed shows. While I waited inside the Los Angeles airport for the air vessel to be ready to receive it’s new human cargo, this was the SMS exchange we had to reboot the router.
After the final SMS in this exchange, I decided to call her and go old school using a smartphone to talk her through the process. By the time she answered her smartphone, the router was already powering up. Everything worked perfectly!
I hope you enjoyed this comedic glimpse into my personal life and how us “techies” can learn to be a bit more patient with our customers.
Especially when the customers are our loved ones.
No security, no privacy. Know security, know privacy.