Apple yesterday released an update to users that patches the PDF flaw in the iPhone and iPad browsers, which was unveiled 10 days ago. While the flaw provided a convenient route to jailbreak and then unlock iPhone iOS 4.0.x devices, it also proved a serious security risk.
Within 10 minutes of the Apple patch going live, iPhone Dev Team leader Comex published full details of the hack, including source code. Looking at the source, Mikko Hypponen, chief research officer at antivirus company F-Secure, commented, "Impressive. And dangerous."
Dangerous, indeed. Now that the code is in the wild, those customers who choose not to patch their phones must be very wary of any PDFs or links they encounter on websites, as it would be elementary to craft an attack based on Comex's source code.
One individual, “MTWomg”, brazenly posted on Twitter, "@comex thanks, using it to make malicious s*** now."
Famed iPhone and Mac exploiter Dino Dai Zovi, co-author of The Mac Hacker's Handbook, chimed in, "Now that @comex released his jailbreak source, any bets on how long before it is ported to Metasploit?"
Zovi was referring to Metasploit, which black hat hackers commonly use as a hacking toolkit, despite it being intended as a legitimate penetration testing kit for security researchers.
Only the iPhone 3G, iPhone 3GS, corresponding iPod Touches, iPad, and iPhone 4 were patched. Apple left the first-generation iPhone and iPod Touch unpatched and at risk. Interestingly, Apple's desktop Safari may also be vulnerable to a similar exploit of the FreeType font engine. No patches have been applied to the desktop browser yet.
The iPhone Dev Team calls Apple out for leaving users of older iPhone hardware out of the loop:
"The only problem is they outright abandoned iPhone2G and iPod Touch 1G users! Even though Apple acknowledges in their security update the severity of these holes, they left iPhone2G and ipt1G owners high and dry — completely vulnerable to truly malicious variants of jailbreakme (these variants aren’t out yet, but they’re sure to come!)."
However, users of jailbroken phones and iPads can download a patch for their devices running iOS 4.0.1 and iOS 3.0.1 to plug the security hole directly from Cydia.
The official Apple patches for the PDF vulnerability are available here for iOS 4.0.2 for iPhone and iPod touch and here for iOS 3.2.2 for iPad.