Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Cellphones Handhelds Iphone Security Apple

Browser-Based Jailbreak For iPhone 4 Released 154

Posted by CmdrTaco from the oh-yeah-totally-secure dept.
WrongSizeGlass writes "Apple Insider is reporting on a browser-based 'jailbreak' for iPhone 4. Hackers on Sunday released the first 'jailbreak' for the iPhone 4, a browser-based exploit that allows users to run unauthorized code. Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser. Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad. Some users have reported that the modification results in broken MMS and FaceTime functionality. This jailbreak does not work on iPads running iOS 3.2.1. "
This discussion has been archived. No new comments can be posted.

Browser-Based Jailbreak For iPhone 4 Released More

Browser-Based Jailbreak For iPhone 4 Released

Comments Filter:

  • Does the jailbreak patch the exploit? (Score:5, Interesting)

    by Gopal.V ( 532678 ) on Monday August 02, 2010 @09:02AM (#33109032) Homepage Journal

    If a website can run unauthorized code by just visiting a page, does the jailbreak "innoculate" against the exploit it uses?

    Or would apple's fix for the bug also break the jailbreak? (they'll do that, I guess).

  • Serious security hole (Score:5, Interesting)

    by wvmarle ( 1070040 ) on Monday August 02, 2010 @09:15AM (#33109134)

    Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad.

    This sounds like a huge security hole. If simply visiting a web page can modify the OS of the phone, then this can surely be used for more malicious purposes. Maybe the user has to make some more clicks but then how hard is it to social engineer a user into doing that, and the attacker can do anything they like. Such as installing back doors, keyloggers, whatever. This I think is more than just a jailbreak: this is a root exploit in the browser. Scary, to say the least.

    The jailbreak itself may not work on other versions of iOS, but as it involves Safari I wouldn't be surprised if the root exploit itself works there as well. Binary patching of the running O/S (which is what I guess they are doing) of course works only against a specific version, minor revisions may break it, so no surprise it doesn't work for the iPad.

    This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.

  • Re:Apple Insider? Pah! (Score:5, Interesting)

    by Richard_at_work ( 517087 ) <richardprice AT gmail DOT com> on Monday August 02, 2010 @09:23AM (#33109204)
    Sod loading anything, my 3G takes a noticeable period of time to react to UI inputs, screen rotations et al when it didn't under the previous OS. iOS4 sucks for the 3G, I don't know why Apple included it in the release.

  • Re:Apple Insider? Pah! (Score:3, Interesting)

    by Vectormatic ( 1759674 ) on Monday August 02, 2010 @09:31AM (#33109262)

    hmm, i havent noticed serious input lag, just that safari doing loading wont respond at all to inputs, and apps like ipod-app hang for ~5 secs when you open them

    i hope they fix it, if they dont however, i wont care all that much, in a few months my ancient symbian powered nokia will be replaced by a HTC android device, which will also make my ipod redundant

  • Re:Does the jailbreak patch the exploit? (Score:5, Interesting)

    by TheRaven64 ( 641858 ) on Monday August 02, 2010 @10:11AM (#33109718) Journal
    You've got to love the iPhone spin on this. On any other platform, this would be termed a remote root hole - jailbreaking doesn't just require running arbitrary code, it requires becoming a privileged user who can install arbitrary software as well. On the iPhone, it's a browser-based jailbreak. With a vulnerability like this, you could easily write a worm that would infect a large proportion of iPhone users (just have their phones email / IM the URL of the exploit + payload to everyone in the address book), but somehow the publicity talks about how great it is that you can use it to regain control over the device that you own, rather than about how anyone else can do the same.

  • Sometimes I believe Apple puts these back doors in (Score:5, Interesting)

    by line-bundle ( 235965 ) on Monday August 02, 2010 @10:15AM (#33109794) Homepage Journal

    To have the "cutting edge" people test out new features.

  • Re:Apple Insider? Pah! (Score:2, Interesting)

    by crispy_one ( 972049 ) on Monday August 02, 2010 @10:36AM (#33110066)
    Tell me that Steve Jobs did not write this article... http://www.computerandvideogames.com/article.php?id=258165 [computeran...ogames.com]

    A jailbreak for the iPhone 4 has been engineered and released by hackers, meaning that dodgy users can gain access to all kinds of unofficial content.

  • Re:Apple Insider? Pah! (Score:1, Interesting)

    by Anonymous Coward on Monday August 02, 2010 @04:28PM (#33115152)

    HUH?
    If they said the OS would not work on Iphone 3G and Ipod TOuch 2nd gen or older, then that would have been a motivation for people to upgrade hardware. As it is now, you have people with devices that used to perform great are now performing like shit. Do you really think those people will want to spend on upgrading hardware thanks to getting "burned" by a shoddy OS upgrade?

Slashdot Top Deals

There is no royal road to geometry. -- Euclid

Close