released firmware 4.0.2, which patches a very large security holes exploited by @comex in the 2nd incarnation of jailbreakme.com. While this might be bad for those who want to use jailbreakme.com's software it is good for those who don't want their phones hacked.
However the downside is that Apple abandoned iPhone2G and iPod Touch 1G users. While telling the world+dog how terrible the hack is, and how much 3G users need to upgrade, Apple failed to mention that people who have not upgraded their phones to 3G are still vulnerable and there is no patch.
Now the phones are completely vulnerable to truly malicious variants of jailbreakme when anyone can be bothered writing them. Fortunately for those who are using the older phone, @saurik has written a Cydia package that will fix the holes for all devices and all firmware versions. It is still being tested but should be out soon.According to the Dev-Team Blog
, since the only reason for 4.0.2 was to fix the security holes, and the upcoming Cydia package will fix them too, everybody should not upgrade and install the Cydia package as soon as it’s out. That means that Jailbreakers can have their cake and eat it.
It is nice when the hacker community helps out where Apple refuses.