Information for you before you Jailbreak.

As an ex-iPhone apps developer and a long-time developer in general I thought I'd clarify a few things with jailbreaking. I'm not going to tell you what you should do, so please extend the same courtesy.


1. Sandboxing
You may have heard a lot about sandboxing. It's a form of protection, both against applications crashing the phone and for user data.

On iOS, applications cannot access other applications' data, either in memory or stored in the file system, unless it's stored in a shared area.

By removing sandboxing, any application can now access other applications' data, the program code and the user data.

If the JB removes the certificate checks then I can write an application to modify your bank program to pass any keystrokes or data to my application and then forward them on to me. If I were a malicious developer..

2. iOS restrictions on application 'hooks'

iOS enforces things such as the user being aware of SMS messages being received or being sent.

I, as a malicious developer, could replace the iOS code that enforces this to allow my application to send/receive SMS messages, perhaps to a premium rate SMS service.

There is nothing stopping me from replacing the SMS/MMS client on the phone and watching your conversations.

3. Application inspection
There has always been a large privacy opportunity for application developers to upload the entire phone user's address book contacts over the internet to their own website (you can get a copy of all contacts in your address book in one developer API command).
There's also the phone number (MSISDN) and other information such as the IMEI etc that can be harvested and reported in such a way.
Apple came down hard on developers that attempted this practice and this still continues to be a battleground as companies have been plundering user address books and uploading them. So if you wondered how a company got your details - have a chat to the friend that downloaded their app..
Does un-jailbroken iOS fix this? No.. but the App Store places a barrier to it.


So there you have it. I thought I would put some security/privacy concerns down without pointing at the usual lines of warez etc etc. 99% of this requires the user to install dodgy applications (let's not beat about the bush: the user is the weakest link in security).

Now with that - it's up to you what you do with your phone.
 
Similar issues exist with rooted Android devices.

Moral of the story: if you're going to hack your phone, know what you're doing and what your apps are doing.
 
Thanks for the info NickK, is there any risk within the jailbreak itself or is it just from installing apps? I have only installed MyWi and don't intend to use Cydia or any other apps, so are there any risks? I'm assuming as MyWi is quite well known it's unlikely to be dodgy?
 
> Thanks for the info NickK, is there any risk within the jailbreak itself or is it just from installing apps? I have only installed MyWi and don't intend to use Cydia or any other apps, so are there any risks? I'm assuming as MyWi is quite well known it's unlikely to be dodgy?

What's interesting is that the current 'slide to JB' actually uses a PDF injection attack vulnerability to install itself. I would suspect that this JB would be analysed heavily. This shows iOS itself has problems; however, Apple have a vested interest in resolving the problems asap.

The issue is that if code is not written correctly it can open up the platform for further attacks, just because the code will only have been written to make it work.

In short: it's not possible to state whether JB apps or apps running under the JB are doing any damage. So I can't give you validation or not that it's safe.
 
Good post. The jailbreakers are putting a lot of trust in code that's running on a device that stores a lot of personal information. As long as they know the risks then it's up to them.

As for the PDF exploit, Apple need to fix this and fix it for all versions of iOS.
 
I forgot to mention - uninstalling an application will not replace any system binaries that may have been tampered with.
 
restoring the iphone will though, no?

If you flash the firmware back to a standard iOS build (i.e. 4.0.1), you're essentially formatting the flash chip and restoring the image of the iOS (i.e. all the files). From this point onwards the iOS will enforce certificated applications, sandboxing etc. You're then back to a standard iOS phone where applications need to be signed to install and run.. therefore requiring the application to go through the iTunes App Store.. etc etc.
After reflashing, iTunes puts the data back up on the phone, then installs the signed apps from iTunes.
 
Didn't know it was as simple as a PDF bug. Well there you are!

All info true, and users need to be especially wary of installing things like OpenSSH (which allows your PC to access the files on your phone).

Do not install OpenSSH or other similar tools on your phone unless and until you know how to change system-level passwords (I'm not talking about the lock screen). Failing to change that password is a one-way ticket to hackville.

Oh, by the way, a standard restore doesn't necessarily completely get rid of a Jailbreak (there have been reports of jailbroken iPhones not restoring properly). The only way to be sure is a DFU Mode restore - but again, know what you're doing first.
 
> Didn't know it was as simple as a PDF bug. Well there you are!

The exploit used by JailbreakMe to jailbreak your iPhone was a major security issue as it can download pretty much anything to your iPhone, including some malicious code, via a PDF glitch.

To fix this you can simply go to Cydia and download PDF Loading Warner. It's a free app that will display a warning before allowing your iPhone to download a PDF file. This will avoid you being duped by malicious software.

While this app gives you another layer of security, you're in no way safe from having your iPhone compromised, at least until Apple officially patches this exploit. On the safe side though, the chances of you being hacked are very thin, so don't stress out too much over it.
 
Also, if you surf the net you could get a virus.... nothing is without risk... good information to ponder on, but if you're considering jailbreaking the chances are you will do it anyway.

There was an interesting article that tried to say that all jailbreakers are hackers and only install blagged software, I personally pay for all my apps and music but jailbreak so I can unlock and use whatever network I want.

Does anyone know if Orange will unlock an iPhone 4, either for free or for a charge?
 
> There was an interesting article that tried to say that all jailbreakers are hackers and only install blagged software, I personally pay for all my apps and music but jailbreak so I can unlock and use whatever network I want.

I've just JBed and installed LockInfo for a decent lockscreen. It looks like I'll have to pay $5 after a month, but I'm more than willing to do that. It's more useful than any 'legitimate' app I've paid for!

You can use pirated apps by JBing, but I don't think that's most people's reason for doing it.
 
> NickK, do you have a JB iPhone?

Me? No. Just a regular one.

Although I know two friends that have JB iPads and JB iPhones. They both work as developers and know their Unix.

I thought that the best example of it was that by sending "BOOM" via Skype to a mate's iPad, the buggy version of Growl caused it to kernel panic and reboot.

That demonstrates the lack of sandboxing..
 
I've always JB'd my iPhones, but the IP4 I'm not so sure.
It has everything I need on it as it is,
so for the time being I'm leaving it alone.
 
I have DFU restored and then restored to a pre-jailbreak backup. Does this mean there should be no traces of the JB on the phone?
 
A bit of a dramatic post, but you'd have to be a right tool to install something that does anything like that.

Keep it to well known apps and everything will be fine.

Besides, compare it to some App Store apps which submit data on you, which you can actually block when you've jailbroken!
 