backtop


Print 27 comment(s) - last by robinthakur.. on Jul 20 at 8:21 AM


  (Source: Pinoy Tutorial)

The new update conveniently blocks the only route of jailbreaking to the iPad 2.
OS update also closes a significant security hole

Jailbreaking phones -- removing operating system makers' restrictions on things like OS themes and allowed programs -- is today technically legal under Library of Congress amendments to the Digital Millennium Copyright Act [PDF] (DMCA).  But just because it's legal to jailbreak, doesn't mean Apple, Inc. (AAPL) will allow it.

Apple argued unsuccessfully to the U.S. government that jailbreaking could allow terrorists to turn their iPhones into digital weapons, and could assist drug dealers.  Apple refuses to give users an open path to jailbreaking their phones, so users are forced to discover exploits that allow unauthorized code to be run.  This is very convenient for Apple as it can justify closing the jailbreak route as a "security fix".

Thus is the case with iOS 4.3.4.  The updates' only real action is to fix the mishandling of fonts in PDF files, which previously allowed for jailbreaking -- or malicious code execution.

Users can find the update here, for various devices: The update is significant as it cripples JailbreakMe 3.0, currently the only way to jailbreak Apple's new iPad 2 tablet. Jailbreaks are generally divided into boot-related jailbreaks and injection jailbreaks.  Thus far no boot-level jailbreaks work on the iPad 2, due to its new A5 dual-core CPU.  And the only injection-based jailbreaks currently in action relied on the PDF exploit.

The original iPad and present iPhone lineup is still jailbreakable via boot-level jailbreaks, such as redsn0w, PwnageTool and sn0wbreeze.  There's little Apple can do to prevent these jailbreak routes, much to chief executive Steven P. Jobs chagrin.  Mr. Jobs has expressed a strong dislike for jailbreakers in past interviews.

While Apple can claim the recent update was to "protect" users, in reality it will only add additional safety to the most careless of users.  After all, a program called "PDF Patcher 2" was widely available via the Cydia app store and other sources.  The PDF Patcher 2 does pretty much the exact same thing as iOS 4.3.4, but does so after the user has jailbroken.  

It is presumable that most users who are knowledgeable enough to jailbreak in the first place would properly protect their phones against malicious code by adding the patch post-jailbreak, especially since the JailbreakMe FAQ instructs the user to do so.

So it looks like Apple has won this round.  One of its devices is yet again unjailbreakable -- at least for now.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

It's futile to try and stop jailbreakers
By FlyBri on 7/18/2011 9:30:46 AM , Rating: 2
Eventually they're going to find a way to jailbreak the iPad 2 again. It's seriously a waste of time for Apple to try and stop jailbreakers. Plus, I find it quite ironic that Steve Jobs has expressed his disdain for jailbreakers, yet who did he hire to help program iOS 5? That's right...a jailbreaker.




By Pirks on 7/18/2011 10:28:46 AM , Rating: 2
Jobs just poses for RIAA/MPAA and copyright bozos in suits. "Nah nah nah, we good Apple, we keep evil piratez away from your golden music/movies, come on board MPAA/RIAA, we need your content, blah blah blah", bozos in suits give Jobs content, Jobs sells more stuff, everyone's happy except a few pirates (but who cares)


By ltcommanderdata on 7/18/2011 10:35:16 AM , Rating: 3
Personally, I don't think Apple is dead-set against jailbreaking in the sense that every time someone jailbreaks someone as Apple gets furious and swears. Afterall, to Apple, an iDevice sold is an iDevice sold. And jailbreaking for Apple is a small price to pay for Apple to have a group of more tech literate than average customers and in the case of jailbreak developers, a group of very talented programmers, interested in pushing the iOS platform. Apple's concern is probably that jailbreaking doesn't become mainstream or used by the majority of users since it'll affect Apple's ability to direct their vision of where the iOS platform should go and could create a support nightmare if people who don't really know what they're doing jailbreak and start installing every theme and kernel patch their friends or relatives recommend in order to spruce up their device. As such Apple puts up a negative public face on jailbreaking keep it in check, but as you say, aren't afraid to hire jailbreakers or seem to go to the lengths Sony does to prosecute them.


By omnicronx on 7/18/2011 10:42:20 AM , Rating: 3
What exactly are they suppose to do though? The entire premise of jailbreaking is finding an exploit to gain root access.

Thus anyone could potentially take advantage of said exploit, not merely jailbreakers if they don't patch it.

I have nothing against jailbreaking your device, but it is the responsibility of any manufacturer to patch these kinds of exploits for the remaining large percentage of users that do not jailbreak their device.

As long as the premise of jailbreaking remains the same, Apple let alone any other manufacturer can't be in the wrong here.

Jailbreakers will always come up with new exploits for your device, just be prepared to stay a version back while they do their magic.

And of course you could always jump to a platform that lets you do pretty much anything you want ;)


By Skott on 7/18/2011 11:41:39 AM , Rating: 2
I guess its fair to say anyone wanting to use the tablet for terrorist activities or anything else illegal would probably jailbreak the iPad2. So they're right on that part. Jobs and Apple would be smarter however to design their products to allow the consumer to use the product in a way that makes them happy. Catch more flies (customers) with honey as the saying goes. But I guess that would be too easy for them.


By kmmatney on 7/18/2011 1:08:20 PM , Rating: 2
The problem is that these jailbreak exploits could potentially be used to install malicious software on the devices, so they really do need to patch these holes.


RE: It's futile to try and stop jailbreakers
By bah12 on 7/18/2011 2:11:56 PM , Rating: 1
quote:
It's seriously a waste of time for Apple to try and stop jailbreakers.
I don't entirely agree. Certainly I think that anything can be hacked eventually, but in a completely closed hardware/software environment it should be technically possible to make the device hack proof (or at the very least highly hack resistant).

Look at where we are today. Boot level access is by far the preferred way to jailbreak, but Apple has proven that with the A5 this is no longer a viable route. Jailbreaks since then are being done as software exploits. In an app based environment like iOS resides in, eventually these holes can be patched as well.

Again I'm not saying that they can ever make it 100% hack proof, but they can certainly get close. Assuming they can get 100% secure from the hardware side, and 100% secure from the app store side, and 100% secure from the local programs side. That only leaves exploits via the internet facing side, these too can be closed if Safari wasn't a giant piece of sh..t.

Now all this would take more effort than they are willing to put toward it, but I'd still argue that in a closed system they can make it secure enough that the hackers quit trying. Of course an internet facing device is never really a true closed system, so maybe it isn't possible.

Don't get me wrong I think Apple is still one of the most insecure platforms today, but it has the potential to be one of the better ones. Think of Windows 7 security combined with a tightly controlled app store. IMO the biggest obstacle to security is the user, if they physically cannot install crap that isn't pre-certified virus free (aka an app store), they will still get viruses. All it takes is a clever pop up and Joe Bob User will just keep hitting yes to install no matter how many UAC messages you give him. After all he just won a new car!!!


RE: It's futile to try and stop jailbreakers
By omnicronx on 7/18/2011 3:47:44 PM , Rating: 2
quote:
Boot level access is by far the preferred way to jailbreak, but Apple has proven that with the A5 this is no longer a viable route.
No such thing have been proven, Apple just changed the bootrom on the A5 SoC and thus has yet to be cracked. The A5 bootrom was dumped recently, so I doubt they will be able to keep jailbreakers out for long.

I find it hilarious that people continue to believe the myth that something can be 100% hack proof, especially in terms of a device that said hackers have physical access too.


By bah12 on 7/18/2011 5:57:22 PM , Rating: 2
quote:
I find it hilarious that people continue to believe the myth that something can be 100% hack proof, especially in terms of a device that said hackers have physical access too.
As stated I don't think anything can be hack proof, just that a closed system like iOS would be the closest thing we can hope for. I liken it to putting cameras up at your house. A determined crook will break in anyway regardless of your security, what you hope for is that they see them and hit your neighbors house instead.

Certainly with enough physical access to a device anything can be hacked, but what business model holds the best hope that they will move on down the line?


By robinthakur on 7/20/2011 8:20:17 AM , Rating: 2
Another big reason for closing these holes is to protect developers and content owners. Jailbreaking does free you up to do anything you want (within reason) on the device but also opens the way to download pirated apps and to rip streamed content from services like iPlayer. This is one reason why Channel 4 in the UK didn't release it's streaming player app on the iPhone I recall but did release it on the iPad! Developers would soon get cheessed off with the iOS platform if their revenues took a bigger dip due to piracy, so Apple is prtecting itself in this sense...


By robinthakur on 7/20/2011 8:21:40 AM , Rating: 2
Another big reason for closing these holes is to protect developers and content owners. Jailbreaking does free you up to do anything you want (within reason) on the device but also opens the way to download pirated apps and to rip streamed content from services like iPlayer. This is one reason why Channel 4 in the UK didn't release it's streaming player app on the iPhone I recall but did release it on the iPad! Developers would soon get cheessed off with the iOS platform if their revenues took a bigger dip due to piracy, so Apple is protecting itself in this sense...


"You can bet that Sony built a long-term business plan about being successful in Japan and that business plan is crumbling." -- Peter Moore, 24 hours before his Microsoft resignation














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki