Browser-Based Jailbreak For iPhone 4 Released 154
WrongSizeGlass writes "Apple Insider is reporting on a browser-based 'jailbreak' for iPhone 4. Hackers on Sunday released the first 'jailbreak' for the iPhone 4, a browser-based exploit that allows users to run unauthorized code. Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser. Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad. Some users have reported that the modification results in broken MMS and FaceTime functionality. This jailbreak does not work on iPads running iOS 3.2.1. "
Apple Insider? Pah! (Score:5, Informative)
Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....
Re:Apple Insider? Pah! (Score:4, Informative)
http://lifehacker.com/5599406/disable-spotlight-searches-to-improve-iphone-3g-performance-on-ios-4 [lifehacker.com]
turn off the parts of spotlight you don't use
Re:Security issue? (Score:5, Informative)
Yes, but there has never been a time where Mobile Safari was free of remotely exploitable flaws. If you look at the history of the iPhone OS release notes, you will always find gaping holes that were closed in Safari, and many of them were uncovered by third parties. For example see the release notes of iOS 4.0 [apple.com] which contain nuggets like "Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution" due to CVE-2009-2195 in WebKit.
Note: Userland Jailbreak, Not Bootrom Jailbreak (Score:5, Informative)
Just as a heads up to anyone thinking of buying and/or jailbreaking an iPhone 4, keep in mind that this is a userland jailbreak (like Spirit) and not a bootrom jailbreak like 24Kpwn. This is significant because this jailbreak only works on iOS versions with the vulnerable component, which means that Apple can and surely will patch it out in 4.1. This is also why Apple is signing their firmware: once they do release 4.1 they'll stop signing 4.0.x and it will be impossible to jailbreak new iPhone 4/3GSes as those devices will ship with 4.1 and it will be impossible to downgrade. Existing owners should be sure to backup their SHSH blobs using Cydia or Tiny Umbrella [blogspot.com] so that you can downgrade or reinstall 4.0.x in the future, otherwise you will be trapped just like new iPhone owners. 3G owners are also encouraged to backup their SHSH blobs, as Apple is soft-signing iOS 4.x on those devices (even though the hardware can't enforce it).
Anyhow, while I'm excited to see an iPhone 4 jailbreak, I'm a bit worried about the fact that it's another userland jailbreak. No one has successfully exploited the Apple bootrom since iBoot-359.3.2 was released last year, which is troubling. It's not possible to replicate the complete jailbreakability of the iPhone/3G without a bootrom exploit, and as iOS can quickly be updated to stamp out new userland exploits there's a distinct risk of the hackers running out of practical ways to jailbreak the platform through such limited means. Unless someone does find a new bootrom exploit, the "golden age" of jailbreaking has probably already sailed, and in the long run this is a very bad thing. The (practically) unhackable computer marches in on all fronts...
Facetime/MMS fixed (Score:5, Informative)
The Facetime and MMS issues were due to a permissions problem, which has already been sorted out, per planetbeing's Twitter feed [twitter.com].
Re:Apple Insider? Pah! (Score:5, Informative)
just tried that on my ipod (which is basically iphone 3g hardware), and loading the ipod-app still takes noticable time, rather then being instantanious in 3.1.3
i really regret upgrading the ios 4, the only added function i can find is threaded email (of which apple's implementation SUCKS), and i got a serious performance drop
Re:Apple Insider? Pah! (Score:4, Informative)
Try doing a hard reset [cultofmac.com] to the 3G phone x2. My wife's phone was unusable after the iOS4 update. This did the trick. It's worth a try.
Re:Security issue? (Score:5, Informative)
Yes it is. Just staring at some hexdumps, it's not a hole in the browser, it is a hole in PDF Type1C font loading. Escalates to kernel space via an IOSurface allocation bug. A malicious PDF (think iBooks...) could do far nastier things than jailbreak for you.
CAPTCHA: "clothing" ... Wolf in sheep's, that is.
Re:Note: Userland Jailbreak, Not Bootrom Jailbreak (Score:5, Informative)
Well yes and no. PDF was created by Adobe, but it's actually an ISO standard (ISO 32000 [slashdot.org]). Adobe does tend to extend it though...
Anyhow, it's not an Adobe plugin that's doing this. Apple writes their own PDF software, and indeed Mac OS X has had native PDF capabilities its whole life. This is a flaw in Apple's PDF handler - Adobe for once has nothing to do with this.
Re:Note: Userland Jailbreak, Not Bootrom Jailbreak (Score:5, Informative)
Re:Apple Insider? Pah! (Score:3, Informative)
I had 4.0 running on my 3G for a couple or three weeks. I got tired of apps not starting up, extreme sluggishness, etc., so I ended up downgrading to 3.1.3. I enabled native multitasking (my phone is jailbroken), but it seemed to be less capable than the multitasking provided by Backgrounder. If I left a webpage or two open in Safari, odds were good that attempts to start other apps would fail. Even if I rebooted the phone, it'd take an interminably long time to open most apps. I had half a thought to have PwnageTool make an image with native multitasking disabled, but the final straw that sent me back to 3.1.3 was that 4.0 broke AirVideo's TV-out capability. The ability to group related apps together was nice (went from six or seven pages of apps down to just two), but iOS 4.0 caused too much other breakage for my taste.