More iPhone 5 Rumors Abound, While Jailbreakers Find A Hole In Today’s iOS

The iPhone 5 has yet to be confirmed by Apple (NSDQ: AAPL) itself, but we are continuing to see ever more reports about what it will contain when the Cupertino company finally unveils it. The latest pegs the phone as thinner and lighter, with more innovation in areas like battery charging. Meanwhile, for those consumers using Apple mobile products already: some possible bad news. Hackers working on jailbreaking code have exposed a hole in Apple’s iOS operating system that makes it vulnerable to malware attacks.

iPhone 5: These reports should go some way towards putting to rest the idea that Apple’s devices are falling behind the current crop of smartphones in terms of their innovation. The latest intel on new devices, which comes via unnamed sources speaking to the Wall Street Journal, note that the iPhone will look similar to the iPhone 4, except that it would be thinner and lighter.

It also noted (not for the first time) that the phone is likely to have an improved camera, here specified as eight megapixels, when the device launches this September.

But that’s not all. The report further said that Apple is working on a “major iPhone revamp” that could include new features such as cordless charging of its devices. And the report once again said that the company is looking at a less-expensive edition of the iPhone with an edge-to-edge screen. This last point has been contentious among Apple speculators, with some believing that the less expensive editions will simply be older versions of the iPhone.

Malware: It’s an interesting coincidence that these reports on new devices — which, when and if they come out, will be launched with an updated version of Apple’s iOS operating system — are getting airtime just when Apple is facing some bad publicity over its current crop of devices, specifically around malware and security.

It turns out that hackers that have been working on a jailbreaking code for iOS — which gives users the ability to install apps and other services that have not been approved by Apple — have apparently exposed a vulnerability in iOS. According to a report in Reuters, if jailbreaking code found on gets into the wrong hands, a user can “reverse-engineer” it to find the holes in iOS and then use that to attack iPhone users at large, picking up important information such as user names, phone numbers and passwords.

This is not news to the hackers themselves. Comex, the university student who developed the code on, points it out, and explains it like this:

I did not create the vulnerabilities, only discover them. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run.

His solution, ironically, is to jailbreak the device, because while Comex has released a patch to safeguard against this vulnerability, Apple still has not (although it tells Reuters (NYSE: TRI) that it is now working on one):

Along with the jailbreak, I am releasing a patch for the main vulnerability which anyone especially security conscious can install to render themselves immune; due to the nature of iOS, this patch can only be installed on a jailbroken device. Until Apple releases an update, jailbreaking will ironically be the best way to remain secure.

The prospect of malware, it should be pointed out, is only a prospect and not a reality at this point, but as Apple continues to become a more mainstream device maker putting ever more services into the ether, these types of reports are only bound to increase. (It’s the second Apple breach we’ve reported on this week alone.)