We have an update on the AIM push problem we wrote about this morning. The problem only affects jailbroken iPhones 2 and 3G running the homebrew app Pushfix. If you are in this sad number please restore to the original firmware or risk seeing your IMs spread far and wide.
Pushfix is a homebrew app that “repairs” push functionality on Jailbroken apps. The iPhone Dev Team, the same folks who unlocked the iPhone in the first place, created it to help us lowly users but they left a fatal flaw in the program. It seems they used a single UDID – Unique Device ID – for the fix. This in turn creates a sort of broadcast network of multiple jailbroken phones running Pushfix that report back to the push servers with the same UDID. The result? When you push to one, you push to all.
Obviously this problem will be seen in a few rare cases – and it could have already been fixed – but this brings up an important point about cloud-based computing: What happens when the cloud is broken? Because Apple chose to run this dog and pony show called Push from its own centralized server, there is no guarantee that anything will go anywhere – just a warm and fuzzy expectation that Apple just wouldn’t screw up.
This exploit/problem has come about because a user did something unsanctioned and unexpected on the iPhone. While the average user doesn’t even know that Pushfix exists – I certainly didn’t – these homebrew solutions are like slime mold infecting the delicious mozzarella cheese that is Apple’s Push technology. Sadly, these problems will crop up more and more in closed, black box systems and we will often be none the wiser – until it’s too late.