Browser-Based Jailbreak For iPhone 4 Released 154

WrongSizeGlass writes "Apple Insider is reporting on a browser-based 'jailbreak' for iPhone 4. Hackers on Sunday released the first 'jailbreak' for the iPhone 4, a browser-based exploit that allows users to run unauthorized code. Unlike previous jailbreaks, which required users to run software on their Mac or PC and tether their iPhone to their computer, the latest hack is done entirely within the Safari browser. Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad. Some users have reported that the modification results in broken MMS and FaceTime functionality. This jailbreak does not work on iPads running iOS 3.2.1."
  • Apple Insider? Pah! (Score:5, Informative)

    by Richard_at_work ( 517087 ) on Monday August 02, 2010 @08:00AM (#33109016)
    This made the BBC news website front page - http://www.bbc.co.uk/news/technology-10836692 [bbc.co.uk]

    Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....
    • by dwightk ( 415372 ) on Monday August 02, 2010 @08:02AM (#33109030) Homepage Journal
      • by Vectormatic ( 1759674 ) on Monday August 02, 2010 @08:16AM (#33109142)

        Just tried that on my iPod (which is basically iPhone 3G hardware), and loading the iPod app still takes noticeable time, rather than being instantaneous as in 3.1.3.

        I really regret upgrading to iOS 4; the only added function I can find is threaded email (of which Apple's implementation SUCKS), and I got a serious performance drop.

        • by Richard_at_work ( 517087 ) on Monday August 02, 2010 @08:23AM (#33109204)
          Sod loading anything, my 3G takes a noticeable period of time to react to UI inputs, screen rotations et al when it didn't under the previous OS. iOS4 sucks for the 3G, I don't know why Apple included it in the release.
          • Re: (Score:3, Interesting)

            Hmm, I haven't noticed serious input lag, just that Safari, while loading, won't respond at all to inputs, and apps like the iPod app hang for ~5 secs when you open them.

            I hope they fix it; if they don't, however, I won't care all that much. In a few months my ancient Symbian-powered Nokia will be replaced by an HTC Android device, which will also make my iPod redundant.

          • They included it so people would buy new hardware would be my guess.
          • Re: (Score:3, Insightful)

            by Lumpy ( 12016 )

            I do...

            iAds.

          • Re: (Score:3, Insightful)

            by nurb432 ( 527695 )

            I don't know why Apple included it in the release.

            Damned if you do, damned if you don't.

          • Re: (Score:3, Insightful)

            by fredmosby ( 545378 )
            I wonder what they added that slowed it down so much. Multitasking is disabled in the 3G. As far as I can tell the new version has added folders, desktop pictures and some minor changes to the email. Yet it feels considerably slower.
            • Re: (Score:3, Informative)

              by ncc74656 ( 45571 ) *

              I wonder what they added that slowed it down so much. Multitasking is disabled in the 3G. As far as I can tell the new version has added folders, desktop pictures and some minor changes to the email. Yet it feels considerably slower.

              I had 4.0 running on my 3G for a couple or three weeks. I got tired of apps not starting up, extreme sluggishness, etc., so I ended up downgrading to 3.1.3. I enabled native multitasking (my phone is jailbroken), but it seemed to be less capable than the multitasking provided b

          • I'm not happy with iOS 4.0 on my iPod touch (second generation), either. General UI sluggishness, sometimes to the point of making Mail react so slowly to the keyboard that it becomes unusable, and at that point the only way to get things back to normal is a reboot. There is some new functionality in Mail 4.0 but I don't use it. It appears that it is possible to downgrade [iphoneheat.com] back to 3.1.3; I'm going to try that next...
          • by mjwx ( 966435 )

            Sod loading anything, my 3G takes a noticeable period of time to react to UI inputs, screen rotations et al when it didn't under the previous OS. iOS4 sucks for the 3G, I don't know why Apple included it in the release.

            Apple included it in the release because the fanboys carry on and on about how not every Android phone has 2.2 yet. Not doing so would blunt their biggest attack on Android. Besides this, wasn't the "Snappiness"* of the UI Apples only real selling point?

            * Snappiness is an unquantifiable

            Pretty much. My GF's iPhone 3GS impressed me so much last year that I got an iPod touch as a sort of PDA, then 4.0 came along and killed the responsiveness to the point where I will kick it out as soon as I get a decent Android phone.

        • Re: (Score:2, Insightful)

          I just tried it too. I noticed a definite improvement in performance across all apps. The music app still takes forever to launch but it's better than it was with spotlight enabled. I don't think I've ever used spotlight on my iPod so disabling was a small price to pay for a bit of extra performance and probably better battery life.

          I agree with everything you've said but your post makes it sound like disabling spotlight doesn't help at all which might discourage people from trying this hack.

          Well, just played a bit more, and it looks like iPod launch time is down to ~1 second, still noticeably slower than before the iOS 4 update (and in my opinion completely unacceptable for a device sold as a music player), but this does help.

            Perhaps I'll try rebooting the thing as well...

        • by Kenz0r ( 900338 )
          There is a video tutorial on cnet tv [cnet.com] that shows you how to downgrade a 3G if you regret installing iOS4.

          Do so at your own risk, YMMV, etc...
        • by Ksevio ( 865461 )

          I'm with you on that one. I downloaded iOS 4 since it was free and supposed to have new features. Well, it's sluggish and I've seen a lot more crashes, but worst of all, the battery seems to drain a lot faster than it ever did before.

          If I could downgrade easily to iOS 3 I would.

        • by dwightk ( 415372 )

          Maybe this will help more:

          http://lifehacker.com/5572003/how-to-downgrade-your-iphone-3g%5Bs%5D-from-ios-4-to-ios-313 [lifehacker.com]

          Downgrade to 3.1.3

    • by kdogg73 ( 771674 ) on Monday August 02, 2010 @08:30AM (#33109254) Homepage

      Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

      Try doing a hard reset [cultofmac.com] to the 3G phone x2. My wife's phone was unusable after the iOS4 update. This did the trick. It's worth a try.

      • Try doing a hard reset to the 3G phone x2. My wife's phone was unusable after the iOS4 update. This did the trick. It's worth a try.

        Count me in as somebody who had this work. It was still a little slower than 3.x, but it was usable again.

    • Re: (Score:3, Insightful)

      by Lumpy ( 12016 )

      Disable the damn search junk you don't use anyway. It sped my wife's 3G up a lot.

      If there was one thing I wish the jailbreaking community would do, it is submit a patch to remove the useless search on the iPhone.

    • Re: (Score:2, Interesting)

      by crispy_one ( 972049 )
      Tell me that Steve Jobs did not write this article... http://www.computerandvideogames.com/article.php?id=258165 [computeran...ogames.com]

      A jailbreak for the iPhone 4 has been engineered and released by hackers, meaning that dodgy users can gain access to all kinds of unofficial content.

    • by rjch ( 544288 )

      Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

      Apple has already released a fix for this. It's called upgrading to an iPhone 4.

    • by nurb432 ( 527695 )

      Now, just need a fix for iOS4 being slow and shit on the iPhone 3G....

      There is a fix: upgrade the device. If you had done your research you would have known up front that the CPU in the 3G (and 2G) doesn't have the power needed. Only the 3GS had the power of the existing devices.

  • by Gopal.V ( 532678 ) on Monday August 02, 2010 @08:02AM (#33109032) Homepage Journal

    If a website can run unauthorized code by just visiting a page, does the jailbreak "inoculate" against the exploit it uses?

    Or would Apple's fix for the bug also break the jailbreak? (They'll do that, I guess.)

    • by TheRaven64 ( 641858 ) on Monday August 02, 2010 @09:11AM (#33109718) Journal
      You've got to love the iPhone spin on this. On any other platform, this would be termed a remote root hole - jailbreaking doesn't just require running arbitrary code, it requires becoming a privileged user who can install arbitrary software as well. On the iPhone, it's a browser-based jailbreak. With a vulnerability like this, you could easily write a worm that would infect a large proportion of iPhone users (just have their phones email / IM the URL of the exploit + payload to everyone in the address book), but somehow the publicity talks about how great it is that you can use it to regain control over the device that you own, rather than about how anyone else can do the same.
      • by ColdWetDog ( 752185 ) on Monday August 02, 2010 @10:56AM (#33111226) Homepage

        You've got to love the iPhone spin on this...

        Your Reality Distortion Field is getting a bit weak. Time to head out to your local Apple store and buy something new and shiny to refresh the Field.

        Then you will feel better.

      • somehow the publicity talks about how great it is that you can use it to regain control over the device that you own, rather than about how anyone else can do the same

        Yeah... strange things happen when security is designed to keep users boxed in rather than to keep bad guys shut out.

      • by Rexdude ( 747457 )
        Why do I need to hack the firmware of a device that I bought, to make it do what other company products can do without meddling? This hole should serve as a wakeup call to those who talk about jailbreaking as a counter argument to the innate restricted nature of the iPhone. There's only one reason to hack a Symbian phone - to add one's own root CA to the keystore for installing self signed apps (which are usually pirated). The phones are not restricted in any other way, and even with hacked phones nothing
        • by mcvos ( 645701 )

          There's only one reason to hack a Symbian phone - to add one's own root CA to the keystore for installing self signed apps (which are usually pirated).

          Why are self-signed apps usually pirated? Who signs my app for me if I write one myself and want to test it? How do third-party app stores sign their apps?

          The ability to install unapproved apps is the entire reason for jailbreaking, and from what you're saying, Symbian doesn't sound very different from iOS.

          • by Rexdude ( 747457 )
            There's a 'symbian signed' program that was started for individual developers to sign their code with a developer certificate without having to pay license fees. Apps with a dev. certificate display a warning that they might not work correctly when you install them. On Symbian, the keystore file is stored in a protected folder on the phone's internal memory. This can be updated with the necessary self signed CAs. It does not involve reflashing the firmware or anything as drastic, and while subsequent firmw
          • by Rexdude ( 747457 )
            Also- correct me if I'm wrong - jailbreaking was also done to enable multitasking on older iPhones, and to allow tethering and other features that Apple had restricted. My point was that no part of a Symbian phone is restricted; and self signed certificates are the only reason to tamper with its internals.
            • by mcvos ( 645701 )

              Not sure about multitasking, but tethering apps were indeed refused by Apple. To get tethering, you need to be able to install third-party apps, and for that you need to jailbreak.

              Or pay for the SDK, get the source for the app, and install the app that way.

              So the only way Symbian can be superior to the iPhone in this particular respect, is if anyone can get any app signed with a developer certificate, and others will be able to install that app on their phones without requiring the source or an SDK. (Althou

              • by Rexdude ( 747457 )
                The bottom line is you don't need to hack your Symbian phone (or any other smartphone for that matter) to do the following (and some of these capabilities have been there since 2002):
                • Use with any operator
                • Tethering
                • Bluetooth file transfer.
                • Customize the UI with themes, or outright shell replacements.
                • Multitask (yes, I know iPhone 4 finally added this)
                • Install apps from anywhere, without being restricted to an app store with arbitrary rules and regulations.
      • Thank you for saying this. It's always astounded me how people look at Jailbreaking as though it's a good thing that it's possible. What part of "0-day bug gives root access" (which is exactly what this is) sounds like a good thing? I've heard people tell me that they use Apple products because there are no exploits for them in the same 5 minutes that they tell me that they've jailbroken their phone, or at least considered it.

        I'm glad, for the sake of people who have iPhones, that there exists a way to give

  • Security issue? (Score:5, Insightful)

    by miffo.swe ( 547642 ) <daniel DOT hedblom AT gmail DOT com> on Monday August 02, 2010 @08:03AM (#33109040) Homepage Journal

    Isn't this a very large gaping security issue? I would assume it's much worse than the Android one where you had to trick the user into installing a kernel module manually.

    • I'm sure Goatse Security is on to it.
    • Re:Security issue? (Score:5, Informative)

      by Jeffrey Baker ( 6191 ) on Monday August 02, 2010 @08:09AM (#33109094)

      Yes, but there has never been a time where Mobile Safari was free of remotely exploitable flaws. If you look at the history of the iPhone OS release notes, you will always find gaping holes that were closed in Safari, and many of them were uncovered by third parties. For example see the release notes of iOS 4.0 [apple.com] which contain nuggets like "Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution" due to CVE-2009-2195 in WebKit.

      • CVE-2009-2195 is in fact what allowed the previous Spirit jailbreak.

        • In which case the current story is non-news (as usual around here).

          This IS news for those of us that were stuck on iOS 4 on a 3GS which had not previously been jailbroken. A carrier unlock is soon to follow, and given the fact I'm flying to Amsterdam this fall and want to use a prepaid SIM while I'm there, this is BIG NEWS for me.
            • Re: (Score:2, Insightful)

              by Hal_Porter ( 817932 )

              Ah, Apple. You can have a secure browser with outrageous roaming charges or an insecure browser on which anyone can run arbitrary root code and no roaming charges.

            • by Bert64 ( 520050 )

              Many operators let you do a legitimate unlock these days; O2 in the UK, for instance, will unlock your iPhone for free if you have it on contract, while some other providers will charge you.
              You can also buy factory-unlocked iPhones from Apple now...

              Having a legit unlock on my 3GS means I don't need to worry about baseband updates relocking the phone.

    • Re:Security issue? (Score:5, Insightful)

      by Timmmm ( 636430 ) on Monday August 02, 2010 @08:18AM (#33109158)

      Indeed. "Custom versions of Android can be easily created" gets reported as "Android vulnerable to rootkits!", but "Huge security flaw in mobile safari" gets reported as "Unlock your iPhone 4!"

      • Re:Security issue? (Score:5, Insightful)

        by whisper_jeff ( 680366 ) on Monday August 02, 2010 @08:44AM (#33109374)
        I'm sorry, but are you trying to imply that there's a negative bias against Android and a positive bias towards the iPhone on Slashdot lately? Really? Maybe you haven't been reading the site for the past year or so but, things have changed, quite a bit...
        • by mjwx ( 966435 )

          I'm sorry, but are you trying to imply that there's a negative bias against Android and a positive bias towards the iPhone on Slashdot lately? Really? Maybe you haven't been reading the site for the past year or so but, things have changed, quite a bit...

          Nope, he's quite correct, I wonder which Slashdot you've been reading. The more popular Android became over the last year the more rabid the iFanboys have become, the tide hasn't turned against them. In fact they've pulled in the ranks and are getting mod

      • by numbski ( 515011 )

        Yes, because the only way to have the ability to write to the root filesystem of your own desires is to find a vulnerability and exploit it first.

        If you were able to do it on your own without their "permission" (which you'll never get), then you wouldn't have hackers (the good guys here) looking as hard. In fact, at the end of the day this is a win/win for apple. The only downside is that by smacking the unlockers down, situations like the 3.1.2 to 3.1.3 upgrade arise. A vulnerability has been found, but

      • All OS's have security flaws. How else do Android users "root" [androidandme.com] their phones ?

        • jailbreakme.com is a remote exploit, and that's much, much, MUCH nastier.

          • Re: (Score:3, Insightful)

            Good thing Android has never had a remote exploit huh ? (Oops [readwriteweb.com].)
            At least Apple is very judicious about pushing out updates (and Apple users generally update very frequently) while some manufacturers send out handsets with old Android versions [wired.com] and don't care that much about providing their users with the latest and greatest.

        • All OS's have security flaws. How else do Android users "root" [androidandme.com] their phones ?

          Well I unlocked my Nexus One with a documented command line switch that came with the Android SDK. I was then able to flash rooted roms with the stock firmware flasher.

          It's a beautiful thing when you can do what you want with that which you own.

    • Re:Security issue? (Score:5, Informative)

      by ArcCoyote ( 634356 ) on Monday August 02, 2010 @08:52AM (#33109498)

      Yes it is. Just staring at some hexdumps, it's not a hole in the browser, it is a hole in PDF Type1C font loading. Escalates to kernel space via an IOSurface allocation bug. A malicious PDF (think iBooks...) could do far nastier things than jailbreak for you.

      CAPTCHA: "clothing" ... Wolf in sheep's, that is.
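The comment above locates the hole in PDF Type1C font loading rather than in the browser proper. From the defender's side, a mail or download gateway can at least surface PDFs that carry an embedded Type1C (CFF) font program, which the PDF format stores as a /FontFile3 stream with /Subtype /Type1C, and route them to review. The scanner below is an added example, not code from the thread or from any tool it names: the sample document is constructed inline with dummy filler where the font program would be, and the matching is a heuristic over uncompressed object syntax (a real gateway would first inflate compressed object streams, which this does not do).

```python
import re
from typing import Dict, List

# Constructed minimal PDF: one page, one font whose descriptor references an
# embedded CFF program (/FontFile3 with /Subtype /Type1C).  The four bytes in
# the stream are dummy filler, not a real CFF table.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [3 0 R] /Count 1 >>
endobj
3 0 obj
<< /Type /Page /Parent 2 0 R /Resources << /Font << /F1 4 0 R >> >> >>
endobj
4 0 obj
<< /Type /Font /Subtype /Type1 /BaseFont /ABCDEF+Demo /FontDescriptor 5 0 R >>
endobj
5 0 obj
<< /Type /FontDescriptor /FontName /ABCDEF+Demo /Flags 32 /FontFile3 6 0 R >>
endobj
6 0 obj
<< /Subtype /Type1C /Length 4 >>
stream
\x01\x00\x04\x01
endstream
endobj
trailer
<< /Root 1 0 R >>
%%EOF
"""

# Control case (constructed): same document with the embedded-program reference removed.
CLEAN_PDF = SAMPLE_PDF.replace(b"/FontFile3 6 0 R", b"")

# Matches top-level "N G obj ... endobj" units; only valid for uncompressed objects.
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)endobj", re.DOTALL)
FONTFILE3_RE = re.compile(rb"/FontFile3\s+(\d+)\s+\d+\s+R")
SUBTYPE_RE = re.compile(rb"/Subtype\s*/([A-Za-z0-9]+)")
LENGTH_RE = re.compile(rb"/Length\s+(\d+)")


def parse_objects(pdf: bytes) -> Dict[int, bytes]:
    """Map object number -> raw body for each top-level object in the file."""
    return {int(m.group(1)): m.group(3) for m in OBJ_RE.finditer(pdf)}


def find_type1c_fonts(pdf: bytes) -> List[dict]:
    """One record per font descriptor that references an embedded /FontFile3 program."""
    objs = parse_objects(pdf)
    hits: List[dict] = []
    for num, body in objs.items():
        if b"/FontDescriptor" not in body:
            continue
        ref = FONTFILE3_RE.search(body)
        if ref is None:
            continue
        stream_num = int(ref.group(1))
        stream = objs.get(stream_num, b"")
        sub = SUBTYPE_RE.search(stream)
        length = LENGTH_RE.search(stream)
        hits.append({
            "descriptor": num,
            "stream": stream_num,
            "subtype": sub.group(1).decode("ascii") if sub else "unknown",
            "length": int(length.group(1)) if length else None,
        })
    return hits


def triage(pdf: bytes) -> dict:
    """Policy summary: any embedded Type1C program sends the file to manual review."""
    hits = find_type1c_fonts(pdf)
    flagged = [h for h in hits if h["subtype"] == "Type1C"]
    return {
        "type1c_fonts": len(flagged),
        "verdict": "review" if flagged else "clean",
        "detail": hits,
    }


if __name__ == "__main__":
    for name, doc in (("sample", SAMPLE_PDF), ("clean", CLEAN_PDF)):
        print(name, triage(doc))
```

Flagging every embedded CFF font will catch plenty of legitimate documents, so this is a triage signal to combine with sender reputation and sandbox results, not a block rule on its own.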

  • So in other words (Score:5, Insightful)

    by bm_luethke ( 253362 ) <luethkebNO@SPAMcomcast.net> on Monday August 02, 2010 @08:06AM (#33109066)

    You have a remote rootkit running from simply visiting a website?

    Wasn't it just yesterday or the day before that we called rooting your Android (which has to be tethered), erasing your old operating system, and installing a new "custom" one with a rootkit installed on it which allows remote activation of root an attack vector (note that even a rooted Android device can't get outside the Dalvik VM)?

    I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person who has a "must have" app that is so good that the app store refused it and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!

    • by jamesh ( 87723 ) on Monday August 02, 2010 @08:38AM (#33109306)

      You have a remote rootkit running from simply visiting a website?

      That was my first thought too. Apple have left a hole in iPhoneOS (IOS, no matter how you case it, will always be Cisco in my mind :) wide enough that you can get root on it simply by getting to a website? I haven't RTFA so maybe there is more to it than that, but I'm a little worried. I wonder how long until I can upgrade to Android on the iPhone...

    • Nokia has a phone where you don't need to jailbreak it, you have root access in the default OS and full control to even boot from different media into a different operating system. They are probably not the first and I definitely think it's a trend that will catch on if only because the phone DOESN'T CARE where your mp3 or movie comes from, that hot new app will not be blocked or delayed for arbitrary reasons and you don't have to buy crap shareware just to get something as trivial as a stopwatch app.
      Most
    I'm certain, absolutely certain that there will be no abuses of this. There will not be any nefarious person who has a "must have" app that is so good that the app store refused it and all you have to do are these easy steps right here on this web page! No, never happen - users would *never* be stupid enough to run things from a website - this is a great feature!

      Yeah that could happen, it's unlikely though since users get their apps from the App Store. This isn't like Windows where users surf the web in search of apps.
      Besides what's new, all OS's have these types of flaws including as you point out Android. Still Apple will probably need to fix this in the next release of iOS.

    • It is a hole in the library used to parse PDFs and load fonts apparently. If other platforms (linux desktop and android) use the same version of that library for PDFs, they too could be vulnerable to a remote exploit such as this.

    • by Bert64 ( 520050 )

      Can't get outside of Dalvik? I have a Nexus One, and I can get a root bash shell on it (legitimately, not via any exploiting/jailbreaking process), and from there I can run native binaries easily.

  • This is a great step.

    However, only if I can run Linux or Android on it might I buy an iPad.
    Yes, Linux or Android may not perform that well on this device (CPU- and battery-wise), but the mere openness of these OSes is sufficient for me.

    • by zlogic ( 892404 )

      Android is Linux. In fact it's probably the best Linux distribution for touchscreen interfaces, only MeeGo is comparable (and very promising) but has a lot of catching up to do. After rooting Android you'll get a terminal with all the standard Linux console utils.
      Running Gimp, OpenOffice, Firefox or any other desktop-oriented app on such a device is suicide.

      • In fact it's probably the best Linux distribution for touchscreen interfaces

        No shit. That's what happens when someone with a little common sense realizes that using a legacy display manager on touchscreen devices may not work so well and ditches X. Morons think you can just hack debian onto a cell phone and add telephony and voila, you have a phone.

  • by rsmith-mac ( 639075 ) on Monday August 02, 2010 @08:13AM (#33109122)

    Just as a heads up to anyone thinking of buying and/or jailbreaking an iPhone 4, keep in mind that this is a userland jailbreak (like Spirit) and not a bootrom jailbreak like 24Kpwn. This is significant because this jailbreak only works on iOS versions with the vulnerable component, which means that Apple can and surely will patch it out in 4.1. This is also why Apple is signing their firmware: once they do release 4.1 they'll stop signing 4.0.x and it will be impossible to jailbreak new iPhone 4/3GSes, as those devices will ship with 4.1 and it will be impossible to downgrade. Existing owners should be sure to back up their SHSH blobs using Cydia or Tiny Umbrella [blogspot.com] so that you can downgrade or reinstall 4.0.x in the future; otherwise you will be trapped just like new iPhone owners. 3G owners are also encouraged to back up their SHSH blobs, as Apple is soft-signing iOS 4.x on those devices (even though the hardware can't enforce it).

    Anyhow, while I'm excited to see an iPhone 4 jailbreak, I'm a bit worried about the fact that it's another userland jailbreak. No one has successfully exploited the Apple bootrom since iBoot-359.3.2 was released last year, which is troubling. It's not possible to replicate the complete jailbreakability of the iPhone/3G without a bootrom exploit, and as iOS can quickly be updated to stamp out new userland exploits there's a distinct risk of the hackers running out of practical ways to jailbreak the platform through such limited means. Unless someone does find a new bootrom exploit, the "golden age" of jailbreaking has probably already sailed, and in the long run this is a very bad thing. The (practically) unhackable computer marches in on all fronts...
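The signing gate described in the post above can be modelled as a small state machine: the vendor issues a ticket only for versions it is currently signing, a device installs a version only when presented with a valid ticket for itself, and a ticket saved while the window was open still validates after the window closes. The code below is an added illustration, not Apple's protocol and not code from any jailbreak tool; the version strings and device IDs are constructed, the binding of a ticket to one device is this model's assumption, and a shared HMAC key stands in for the vendor's public-key signature (a real device would hold only a verification key).

```python
import hashlib
import hmac
from typing import Dict, Optional, Set

# Constructed model of a firmware-signing gate.  Simplification: one shared
# HMAC key plays the role of the vendor's signing key, so the "device" verifies
# tickets with the same key the "server" uses to issue them.


def _ticket_message(device_id: str, version: str) -> bytes:
    # Binding the ticket to (device, version) is what makes a saved blob useful
    # to its owner and useless on another unit (an assumption of this model).
    return f"{device_id}:{version}".encode()


class SigningServer:
    """Issues tickets only for versions inside its current signing window."""

    def __init__(self, key: bytes, signed_versions: Set[str]):
        self._key = key
        self._signed = set(signed_versions)

    def start_signing(self, version: str) -> None:
        self._signed.add(version)

    def stop_signing(self, version: str) -> None:
        self._signed.discard(version)

    def request_ticket(self, device_id: str, version: str) -> Optional[bytes]:
        if version not in self._signed:
            return None  # window closed: no fresh ticket for this version
        return hmac.new(self._key, _ticket_message(device_id, version), hashlib.sha256).digest()


class Device:
    """Installs a version only when given a valid ticket for this device and version."""

    def __init__(self, device_id: str, key: bytes, version: str):
        self.device_id = device_id
        self._key = key
        self.version = version

    def restore(self, version: str, ticket: Optional[bytes]) -> bool:
        if ticket is None:
            return False
        expected = hmac.new(self._key, _ticket_message(self.device_id, version), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, ticket):
            return False
        self.version = version
        return True


def scenario() -> Dict[str, bool]:
    """Walk through the lifecycle the post describes; each value is one step's outcome."""
    key = b"constructed-demo-key"            # placeholder, not a real key
    server = SigningServer(key, {"4.0.1"})   # constructed version strings
    phone = Device("phone-A", key, version="4.0.1")
    vault: Dict[str, bytes] = {}             # tickets the owner saved while they could
    out: Dict[str, bool] = {}

    # 1. Window open: fetch a ticket, keep a copy, restore works.
    ticket = server.request_ticket(phone.device_id, "4.0.1")
    vault["4.0.1"] = ticket
    out["restore_while_signed"] = phone.restore("4.0.1", ticket)

    # 2. Vendor ships 4.1, stops signing 4.0.1, and the phone takes the update.
    server.start_signing("4.1")
    server.stop_signing("4.0.1")
    out["update_to_new_version"] = phone.restore("4.1", server.request_ticket(phone.device_id, "4.1"))

    # 3. Window closed: no fresh ticket, so a downgrade without a saved blob fails...
    out["fresh_ticket_after_window"] = server.request_ticket(phone.device_id, "4.0.1") is not None
    out["downgrade_without_blob"] = phone.restore("4.0.1", None)

    # 4. ...but the saved blob still validates, so this owner can go back.
    out["downgrade_with_saved_blob"] = phone.restore("4.0.1", vault["4.0.1"])

    # 5. The blob is bound to phone-A; a different unit cannot reuse it.
    other = Device("phone-B", key, version="4.1")
    out["other_device_with_copied_blob"] = other.restore("4.0.1", vault["4.0.1"])
    return out


if __name__ == "__main__":
    for step, ok in scenario().items():
        print(f"{step:32s} {ok}")
```

The point of the walk-through is step 3 against step 4: the vendor never revokes old tickets, it only stops issuing new ones, so whatever the owner saved before the window closed is the only thing that keeps a downgrade possible.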

    • by bemymonkey ( 1244086 ) on Monday August 02, 2010 @08:38AM (#33109304)

      That's troubling on a great deal of levels. Android seems to be going the same way...

      • by Nerdfest ( 867930 ) on Monday August 02, 2010 @09:15AM (#33109790)
        Android remains an open OS, but what some phone manufacturers are doing is very bad (fused ROMS, locked bootloaders). I'm hoping word spreads and people avoid those phones.
        • Re: (Score:3, Insightful)

          by bemymonkey ( 1244086 )

          Which manufacturers aren't doing it? The only phone that's rootable without finding some sort of vulnerability to exploit is still the Nexus One afaik ...

          The fact that Moto is the only manufacturer that's succeeded in locking the bootloader down so far that nobody's been able to crack it doesn't mean that others haven't tried. What we need is a completely user accessible operating system, similar to the PC. Something like OpenMoko or the N900, but good :p

          Unfortunately, most consumers prefer to be spoonfed

      • by mjwx ( 966435 )

        That's troubling on a great deal of levels. Motorola seems to be going the same way...

        Motorola Droid != Android. This is the reason the OS is developed independent of the hardware.

        HTC are still quite open, not sure about Samsung.

        I like my Motorola Milestone, but because of Moto's locked down boot loader I'll be getting a HTC phone next. Probably the HTC Vision as it looks to have the same keyboard as the Dream.

        • You should read up on rooting current HTC phones. Moto => HTC is currently very much an "Out of the fire, back into the frying pan" kind of move, because HTC seems to be locking their handsets down pretty strongly too. No encrypted bootloaders, but people losing root (permanently, as it seems) when upgrading to the latest official updates, and the Desire hasn't even been fully rooted yet (no read/write access to /system/).

          I just made exactly the same switch (Moto Milestone => HTC Desire), and it seems

          • by mjwx ( 966435 )

            but people losing root (permanently, as it seems) when upgrading to the latest official updates

            Umm... that's always been the case.

            Fairly logical too. Of course the new version of the OS will re-write permissions and fix whatever hole was used to create root access. Which is why most people who want root access typically start using a community ROM. If you haven't figured this one out, you need to go back to the very basics of modding. Every modding guide since 1.1 has come with a warning saying "offici

            • "Case in point. Open/replaceable bootloader == no problems."

              Then why are the latest Desires currently unrootable? Shouldn't their bootloaders allow anything to be loaded? An unencrypted bootloader is easier to crack/unlock, but difficult nonetheless, and it doesn't mean that you can just load anything you want on the phone.

              "I haven't. My next phone will be a HTC Vision if it's decent enough and drops below A$600 (quite possible if the AUD-GBP rate doesn't change 1:0.57) due mainly to the hardware KB which l

  • Facetime/MMS fixed (Score:5, Informative)

    by RandyOo ( 61821 ) on Monday August 02, 2010 @08:14AM (#33109126) Homepage

    The Facetime and MMS issues were due to a permissions problem, which has already been sorted out, per planetbeing's Twitter feed [twitter.com].

  • by wvmarle ( 1070040 ) on Monday August 02, 2010 @08:15AM (#33109134)

    Users simply visit the URL to begin the process, which modifies the iOS mobile operating system found on the iPhone, iPod touch and iPad.

    This sounds like a huge security hole. If simply visiting a web page can modify the OS of the phone, then this can surely be used for more malicious purposes. Maybe the user has to make some more clicks but then how hard is it to social engineer a user into doing that, and the attacker can do anything they like. Such as installing back doors, keyloggers, whatever. This I think is more than just a jailbreak: this is a root exploit in the browser. Scary, to say the least.

    The jailbreak itself may not work on other versions of iOS, but as it involves Safari I wouldn't be surprised if the root exploit itself works there as well. Binary patching of the running O/S (which is what I guess they are doing) of course works only against a specific version, minor revisions may break it, so no surprise it doesn't work for the iPad.

    This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.

    • This is one I have to say I hope Apple plugs quickly. It just sounds too scary to me.

      It's old hat. There was a vulnerability back in iPhoneOS 1.1.2 that allowed pretty much the same thing, in fact the domain name dates from that period, and the sky didn't fall down on our heads then either.

  • by denmarkw00t ( 892627 ) on Monday August 02, 2010 @09:14AM (#33109768) Homepage Journal

    If you're doing this and getting the purple background of death (just hangs and doesn't install) try this:

    Method 1
    -Click Home
    -Double-click Home to bring up running apps
    -Click and hold on Safari
    -Close Safari, try again

    Method 2
    -Go to Settings->Safari
    -Clear cache, history, cookies (some reported clearing History IN Safari to work)
    -Try again

    Method 3 (only thing that worked for me)
    -Go to jailbreakme.modmyi.com instead of jailbreakme.com (just a mirror)

    3GS 4.0.1

  • by line-bundle ( 235965 ) on Monday August 02, 2010 @09:15AM (#33109794) Homepage Journal

    To have the "cutting edge" people test out new features.

    • by mjwx ( 966435 )

      To have the "cutting edge" people test out new features.

      Using Occam's razor and common sense: Apple doesn't put these in, they just don't test their products properly.

      Never attribute to competence that which is easily explained by stupidity.

      This hole will be closed in short order. Apple cannot abide you having control over your own phone.

  • If this is just a URL, couldn't a user be pointed to this unwittingly and their phone would have its warranty nullified without the user having done anything?
    • by irving47 ( 73147 )

      Seems that way to me, too.
      But maybe it's a good thing in that Apple won't have a leg to stand on.
      I don't care how strict the EULA is. No court is going to let them void thousands of warranties when all the action that was required was visiting a website or being redirected to one against the user's will or knowledge.

    • Probably not. You have to manually initiate the process once the page loads.
      • Probably not. You have to manually initiate the process once the page loads.

        Just because this website has the user initiate the exploit via a manual process, doesn't mean a nefarious website couldn't do it automatically.

    • Sure... or I could send you an email with a PDF in it (which is the attack vector that this remote exploit^W^Wjailbreak uses) and completely take over your phone. Read all your mail, monitor your calls and text messages, see all your websites and intercept all your passwords, follow your GPS location (even if you think you have the GPS turned off), make copies of all your photos, videos, and other files, purchase apps for you, and send all this wealth of info back to me and anybody who wants to pay me for i
