Login  |  Register  |  Contact

Remember, every jailbreak is a security exploit

See update at the bottom

TechHive’s piece on the new iOS 6.1 jailbreak.

Only works on the pre-A5 processors, which means the iPhone 4S and iPad 2 and later are safe. The device must be connected to a computer for it to work.

This is a tethered jailbreak which means it goes away when the device is rebooted. But this same technique enables you to forensically dump the phone, and all data is exposed except unless encrypted with Data Protection or another technique (see my Defending Data on iOS paper).

It (and the source articles) suggests that an untethered jailbreak for all devices is coming. I can practically guarantee Apple will patch that pretty much immediately, because it will be a massive security issue allowing any attacker to control any iDevice that visits a malicious web page.

If it’s real.

Update: I misspoke a bit – my bad. Untethered doesn’t necessarily mean remote – it means the jailbreak persists across reboots. The security risks are obviously much less. Sleep deprivation is not my friend.

—Rich

No Related Posts
Previous entry: Understanding IAM for Cloud Services: Use Cases | | Next entry: It it was easy, everyone would be doing it…

Comments:

If you like to leave comments, and aren't a spammer, register for the site and email us at info@securosis.com and we'll turn off moderation for your account.

Name:

Email:

Remember my personal information

Notify me of follow-up comments?