Never miss an update Follow AppleInsider
Tuesday, August 03, 2010, 08:45 pm
Apple investigating jailbreak vulnerabilities
An Apple spokeswoman acknowledged that the company is looking into a report on software vulnerabilities that allow remote control and 'jailbreaking' of its iOS devices.After the French security firm Vupen posted an advisory about two critical security flaws in Apple's iOS, Apple stated that they are aware of the report and investigating it, according to Reuters.
The vulnerabilities are currently being utilized by jailbreakme.com to allow users to jailbreak an iOS device and install software independent of Apple's moderated App Store. A hacker known as "comex" developed the current jailbreak exploit and claims to know other potential exploits for when the current one is patched.
The jailbreak exploit has been called both "scary" and "very beautiful work" by one security expert. Whereas previous jailbreaks have usually required users to run software on their Mac or PC, this jailbreak takes place only on the device itself.
Mobile device security has been a hot issue as of late. Vupen's advisory comes just a few days after security experts released a root kit exploit for Android phones at the Defcon hackers conference in Las Vegas. Nicholas Percoco, who developed the exploit with a colleague, said the tool "wasn't difficult" and took two weeks to build.
On Topic: iPhone
- Apple airs new iPhone ad, continues brilliant 'quiet' TV campaign
- Rumor: Apple to vastly expand color options with this year's 'iPhone 5S' & low-cost iPhone
- Apple granted patents on push-to-talk, double-sided touch panel
- Samsung Galaxy S4 & Google Now accused of violating Apple patents for Siri
- AT&T to bring FaceTime over cellular to all customers by end of year
Previous Comments View All
I guess this is more of an incentive for Apple to fix this exploit as soon as possible. Had "comex" just alerted Apple of the issue, it would have taken a while before we would have a fix and possible acknowledgment of the exploit.
Anyway, this should be all behind us in a week or two from now.
Apple knows of the issue. They are working on a fix. I'm guessing they'll roll it in with iOS 4.1? If not, 4.0.2 then.
iPhone Dev team knows of the impending fix and already have a USB tethered option.
Interesting, Apple plugged this hole by iOS 4.1b2, before JailbreakMe came out. Not sure if it was intentional or not, but its closed. Heres what I get when i go to the site.
Quote:
Originally Posted by solipsism 
Interesting, Apple plugged this hole by iOS 4.1b2, before JailbreakMe came out. Not sure if it was intentional or not, but it's closed. Here's what I get when i go to the site.
Interesting, Apple plugged this hole by iOS 4.1b2, before JailbreakMe came out. Not sure if it was intentional or not, but it's closed. Here's what I get when i go to the site.
Maybe, maybe not.
The site checks your system version, so that's just the site backing off before trying.
I jailbroke my iPhone 4 today, but then reverted it a couple hours later. Most of the apps that convinced me to jailbreak in the first place just didn't work. I suspect that they've not been updated for iOS4 and without any social functions like the App Store like reviews, there's no way for users to know this prior to downloading (or even after, they just appear nonfunctional).
Quote:
Originally Posted by solipsism
Interesting, Apple plugged this hole by iOS 4.1b2, before JailbreakMe came out. Not sure if it was intentional or not, but its closed. Heres what I get when i go to the site.
Interesting, Apple plugged this hole by iOS 4.1b2, before JailbreakMe came out. Not sure if it was intentional or not, but its closed. Heres what I get when i go to the site.
Have you tried to downgrade? I'm sorry that I can not be of more assistance. Maybe someone more knowledgeable can help?
Quote:
Originally Posted by mbarriault
I jailbroke my iPhone 4 today, but then reverted it a couple hours later. Most of the apps that convinced me to jailbreak in the first place just didn't work. I suspect that they've not been updated for iOS4 and without any social functions like the App Store like reviews, there's no way for users to know this prior to downloading (or even after, they just appear nonfunctional).
I jailbroke my iPhone 4 today, but then reverted it a couple hours later. Most of the apps that convinced me to jailbreak in the first place just didn't work. I suspect that they've not been updated for iOS4 and without any social functions like the App Store like reviews, there's no way for users to know this prior to downloading (or even after, they just appear nonfunctional).
yeah. they all sort of work if you have enough patience. It's cool for showing people a checklist of stuff you supposedly could do though....
And though the holes were rather small. They had to count them all. Now they know how many holes it takes to fill the browsers all...
[My apologies to John Lennon.]
Quote:
Originally Posted by DrDoppio
Have you tried to downgrade? I'm sorry that I can not be of more assistance. Maybe someone more knowledgeable can help?
Have you tried to downgrade? I'm sorry that I can not be of more assistance. Maybe someone more knowledgeable can help?
Thanks, but I was pointing out that the security hole is not active with iOS 4.1 beta 2. I know how to downgrade but I have no interest to do so or to jailbreak my device.
And ihxo is right, it might still be open but requires some changes that comex hasnt implemented. Im just posting what I know.
Quote:
Originally Posted by solipsism
Thanks, but I was pointing out that the security hole is not active with iOS 4.1 beta 2. I know how to downgrade but I have no interest to do so or to jailbreak my device.
And ihxo is right, it might still be open but requires some changes that comex hasnt implemented. Im just posting what I know.
Thanks, but I was pointing out that the security hole is not active with iOS 4.1 beta 2. I know how to downgrade but I have no interest to do so or to jailbreak my device.
And ihxo is right, it might still be open but requires some changes that comex hasnt implemented. Im just posting what I know.
I must have misunderstood, my bad.
Well, at least developers with the beta are less likely to accidentally their phones.
Latest Apple Headlines
-
Apple airs new iPhone ad, continues brilliant 'quiet' TV campaign
~2 minutes ago -
Google reportedly mulling $1B Waze bid, could spark bidding war with Facebook
~4 hours ago -
Apple expands iOS Maps' 3D Flyover coverage of California
~5 hours ago -
Rumor: Apple outlines new in-house repair policy in note to Brazilian AASPs
~6 hours ago -
Apple: Samsung shirked FRAND obligations, filed suit before making a licensing offer
~7 hours ago - more...
Want to write for AppleInsider? Submit your application now!
| Model | White | Black | |
|---|---|---|---|
| iPad mini (WiFi only) | |||
| 16GB WiFi |  |
$329.99 | $329.99 |
| 32GB WiFi | |
$429.99 | $429.99 |
| 64GB WiFi | |
$529.99 | $529.99 |
| iPad mini (WiFi + 4G) | |||
 |
 |
 |
|
| 16GB 4G White | $459.99 | $459.99 | $459.99 |
| 32GB 4G White | $559.99 | $559.99 | $559.99 |
| 64GB 4G White | $659.99 | $659.99 | $659.99 |
| 16GB 4G Black | $459.99 | $459.99 | $459.99 |
| 32GB 4G Black | $559.99 | $559.99 | $559.99 |
| 64GB 4G Black | $659.99 | $659.99 | $659.99 |
Lowest Prices Anywhere!
| Model | Price | You Save |
|---|---|---|
| Core i5 MacBook Pros w/ Retina | ||
| 13" 2.5GHz/8GB/128GB | $1,406.48 | $292.52 |
| 13" 2.5GHz/8GB/256GB | $1,479.99 | $519.01 |
| 13" 2.5GHz/8GB/512GB | $1,699.99 | $799.01 |
| Core i7 MacBook Pros w/ Retina | ||
| 13" 2.9GHz/8GB/256GB | $1,599.99 | $599.01 |
| 13" 2.9GHz/8GB/512GB | $1,799.99 | $899.01 |
| 15" 2.3GHz/8GB/256GB | $1,899.99 | $299.01 |
| 15" 2.6GHz/8GB/512GB | $2,299.99 | $568.01 |
| 15" 2.7GHz/16GB/768GB | $2,699.99 | $499.01 |
Mobile device security has been a hot issue as of late. Vupen's advisory comes just a few days after security experts released a root kit exploit for Android phones at the Defcon hackers conference in Las Vegas. Nicholas Percoco, who developed the exploit with a colleague, said the tool "wasn't difficult" and took two weeks to build.
Sure iPhone is broke, but so is every other smart phone. It is an industry wide problem. Videos to come.