It only affects those who have installed SSH and not changed the default password. To fix: go into Cydia install the MobileTerminal app, and use the passwd command to change the default from "alpine", to something a little more secure. [Sophos and BBC]

This worm attacks IP ranges from a larger range of ISPs, including UPC (Netherlands), Optus (Australia), and T-Mobile (Many). When an infected device is hooked up to a WiFi connection, the worm can spread more quickly to more IP addresses than on a typical 3G connection. One symptom noted by security.nl is that battery life is very, very short when the device is connected to WiFi, because the worm is generating so much network activity

Sophos reports that the worm appears to do nothing worse than spread and change the unlock screen wallpaper. It could have spread to other countries, but is most likely confined to Australia at this point.

The worm's creator, a 21 year old student from Sydney, told Australia's national broadcaster: "The virus itself is not malicious and is not out to hurt people. It's just poking fun and hoping waking people up a little."

But with rickrolling going on, and that Dutch guy holding hacked jailbroken phones to ransom, it may only be a matter of time until some dip-shit does something more malicious.

So if you're a Jailbreaker, go into Cydia, install the MobileTerminal app, and use the passwd command to change the default from "alpine", to something a little more secure. [Sophos]

xGPS uses Google's map data and driving directions, adding a real-time navigation readout and a voice engine. You can also select a map area to download ahead of time, just in case you expect to lose your data connection during the drive. As you can see in ModMyi's video above, the app also supports a number of external GPS units, so 1st-gen iPhone and iPod Touch users can get in on the monotone fun too.

The project has been gestating for a few months now, but many vital features, including the voice engine, weren't implemented until this release. xGPS 1.2 is now will soon be available in Cydia. UPDATE: An older version without vocalization in current available in the repositories, but the newest version is expected to be publicly available within the week. [xGPS via ModMyi—Thanks, Aleksey!]

The update prevents jailbreaking by disabling the software at the computer level, a step up from what the company usually does: release a firmware update that re-locks the iPhone. Now it's stopping your Mac from recognizing the device in DFU (device firmware update) mode by inflicting new code on the USB ports on Apple computers.

While the iPhone Dev Team is no doubt working to figure out a new hack around this, some are reporting that the simplest way to work around the update for now is to copy some of the 10.5.5 framework files over the newer ones... or not update. [Information Week and Spaziocellulare]