backtop


Print 27 comment(s) - last by robinthakur.. on Jul 20 at 8:21 AM


  (Source: Pinoy Tutorial)

The new update conveniently blocks the only route of jailbreaking to the iPad 2.
OS update also closes a significant security hole

Jailbreaking phones -- removing operating system makers' restrictions on things like OS themes and allowed programs -- is today technically legal under Library of Congress amendments to the Digital Millennium Copyright Act [PDF] (DMCA).  But just because it's legal to jailbreak, doesn't mean Apple, Inc. (AAPL) will allow it.

Apple argued unsuccessfully to the U.S. government that jailbreaking could allow terrorists to turn their iPhones into digital weapons, and could assist drug dealers.  Apple refuses to give users an open path to jailbreaking their phones, so users are forced to discover exploits that allow unauthorized code to be run.  This is very convenient for Apple as it can justify closing the jailbreak route as a "security fix".

Thus is the case with iOS 4.3.4.  The updates' only real action is to fix the mishandling of fonts in PDF files, which previously allowed for jailbreaking -- or malicious code execution.

Users can find the update here, for various devices: The update is significant as it cripples JailbreakMe 3.0, currently the only way to jailbreak Apple's new iPad 2 tablet. Jailbreaks are generally divided into boot-related jailbreaks and injection jailbreaks.  Thus far no boot-level jailbreaks work on the iPad 2, due to its new A5 dual-core CPU.  And the only injection-based jailbreaks currently in action relied on the PDF exploit.

The original iPad and present iPhone lineup is still jailbreakable via boot-level jailbreaks, such as redsn0w, PwnageTool and sn0wbreeze.  There's little Apple can do to prevent these jailbreak routes, much to chief executive Steven P. Jobs chagrin.  Mr. Jobs has expressed a strong dislike for jailbreakers in past interviews.

While Apple can claim the recent update was to "protect" users, in reality it will only add additional safety to the most careless of users.  After all, a program called "PDF Patcher 2" was widely available via the Cydia app store and other sources.  The PDF Patcher 2 does pretty much the exact same thing as iOS 4.3.4, but does so after the user has jailbroken.  

It is presumable that most users who are knowledgeable enough to jailbreak in the first place would properly protect their phones against malicious code by adding the patch post-jailbreak, especially since the JailbreakMe FAQ instructs the user to do so.

So it looks like Apple has won this round.  One of its devices is yet again unjailbreakable -- at least for now.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: It's futile to try and stop jailbreakers
By omnicronx on 7/18/2011 3:47:44 PM , Rating: 2
quote:
Boot level access is by far the preferred way to jailbreak, but Apple has proven that with the A5 this is no longer a viable route.
No such thing have been proven, Apple just changed the bootrom on the A5 SoC and thus has yet to be cracked. The A5 bootrom was dumped recently, so I doubt they will be able to keep jailbreakers out for long.

I find it hilarious that people continue to believe the myth that something can be 100% hack proof, especially in terms of a device that said hackers have physical access too.


By bah12 on 7/18/2011 5:57:22 PM , Rating: 2
quote:
I find it hilarious that people continue to believe the myth that something can be 100% hack proof, especially in terms of a device that said hackers have physical access too.
As stated I don't think anything can be hack proof, just that a closed system like iOS would be the closest thing we can hope for. I liken it to putting cameras up at your house. A determined crook will break in anyway regardless of your security, what you hope for is that they see them and hit your neighbors house instead.

Certainly with enough physical access to a device anything can be hacked, but what business model holds the best hope that they will move on down the line?


"We’re Apple. We don’t wear suits. We don’t even own suits." -- Apple CEO Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki