Blog

Remember, every jailbreak is a security exploit

By Rich

See update at the bottom

TechHive’s piece on the new iOS 6.1 jailbreak.

Only works on the pre-A5 processors, which means the iPhone 4S and iPad 2 and later are safe. The device must be connected to a computer for it to work.

This is a tethered jailbreak which means it goes away when the device is rebooted. But this same technique enables you to forensically dump the phone, and all data is exposed except unless encrypted with Data Protection or another technique (see my Defending Data on iOS paper).

It (and the source articles) suggests that an untethered jailbreak for all devices is coming. I can practically guarantee Apple will patch that pretty much immediately, because it will be a massive security issue allowing any attacker to control any iDevice that visits a malicious web page.

If it’s real.

Update: I misspoke a bit – my bad. Untethered doesn’t necessarily mean remote – it means the jailbreak persists across reboots. The security risks are obviously much less. Sleep deprivation is not my friend.

No Related Posts
Comments

The concept of micro-payments has been around for a long time: we are talking a decade before payment providers like TextPayMe, PayMate or any of the other current payment providers started to morph the concepts of ‘micro’ payments, ‘XMS’ and ‘mobile’ payments into one.

By Tuxedo


If you like to leave comments, and aren’t a spammer, register for the site and email us at info@securosis.com and we’ll turn off moderation for your account.