Apple Releases Patch For Evasi0n Jailbreak (After It's Used 18 Million Times) 112
Sparrowvsrevolution writes "Apple has released a new update for iOS that prevents the jailbreak evasi0n released last month. But that hacking tool has already become the most popular jailbreak ever: It's been used to remove the software restrictions on 18.2 million devices in the 43 days between its release and the patch, according to data from Cydia, the app store for jailbroken devices. In its announcement of the update, Apple says it has fixed six bugs and was polite enough to credit the hackers behind evasi0n with finding four of them. At least one of the bugs used by evasi0n remains unpatched, according to David Wang, one of evasi0n's creators. And Wang says that he and his fellow hackers still have bugs in reserve for a new jailbreak, although they plan to keep them secret until the next major release."
I've already hacked this patch (Score:2, Informative)
Re: (Score:3)
My experience with random Android devices is it's hit or miss on rooting. If you have a good OEM (Asus has been good to me) then it's not a problem. But if you have ones that lock it down it's not any different than having an iPhone.
Although I wish someone would port apt-get to Android so we can install apps like you can with Cydia.
There's a difference between jailbreaking and root (Score:2, Informative)
You don't actually need to jailbreak an Android phone, they are already jailbroken. You just go and press a button to allow applications from sources other than the Google Play store. It will warn you that you may face hacking, doom, whatever but it will then allow you to install applications from any source you like. You can download them off the web, you can get other application stores, like Amazon's, whatever you want. Rooting is if you want full control of your device. You are right that some devices a
Re: (Score:2, Insightful)
The main reason to jailbreak an iPhone is to pirate apps.
Re: (Score:3)
> The main reason to jailbreak an iPhone is to pirate apps.
Yes. Gaze upon the ultimate manifestation of the Apple cult mentality:
If you want to do something interesting, you must "justify yourself". The basic notion of liberty encapsulated by "why not' is totally alien. If you are the least bit creative, you get called a criminal.
Re: (Score:2)
I didn't ask anyone to justify themselves. Read my post. See? It says nothing of the sort.
So what are you saying? That one can't point out the thing that motivates most people to jailbreak? That it's unsayable? So much for liberty, you are implying censorship.
The main reason is (Score:2)
because the item is owned by me I can do to it anywthing I want. If it means I'm going to break copyright or pirate so be it and getting caught is my own problem.
Re: (Score:2)
I'll buy any Android app if I use it enough and/or the app is worthy of it. To name a few:
- Minimalistic Text (because it's awesome)
- Root Explorer
- Titanium Backup
- Better Terminal Emulator Pro & AirTerm
Re:I've already hacked this patch (Score:4, Interesting)
My experience with random Android devices is it's hit or miss on rooting. If you have a good OEM (Asus has been good to me) then it's not a problem. But if you have ones that lock it down it's not any different than having an iPhone.
Actually, it's a lot better than what you think (and much better than it used to be several years ago -- I looked into this the other day). Motorola [custhelp.com], HTC, Sony [sonymobile.com] and even some of the smaller providers such as Huawei [huaweidevice.com] all provide the means to officially unlock the bootloader on many of their phones. Even Samsung provides "Developer Editions" of their major phones that come with an unlocked bootloader by default; and of course every Nexus device is simply a "fastboot oem unlock" away from complete freedom. Impressive, no? There's now an awful lot of devices that you can officially install a custom recovery on and root out of the box, and it's testimony to the strength of the Android dev community that manufacturers actually want to provide this functionality.
Although I wish someone would port apt-get to Android so we can install apps like you can with Cydia.
Well, you don't really need it, unless you have a particular boner for apt-get. Google's own Play Store hosts many apps that do the same thing as those provided by Cydia; since Google has always promoted rooting rather than been adverse to the practice, there's never been a need to have a separate software repository for rooted devices. There are, of course, several other alternate app stores around should you wish to install software through non-Google means and be notified of updates.
Re: (Score:3)
While it would be possible to install apt (no porting needed) it does not make much sense given the way Android packaging works. Nor is it necessary, given that Android already comes with its own package management system tailored to its needs.
Installing a package from the command line is simple:
pm install name_of_package.apk
To remove a package:
pm uninstall org.name.of.package
To disable a package without rem
Re:I've already hacked this patch (Score:4, Insightful)
Just out of curiousity, which Android App do I go and download/purchase to run and execute iOS applications?
Your "solution" is no different than saying the best way to run one specific windows program is to install linux
Re: (Score:2)
Tell me; How do I install Android on my ATV2?
Re: (Score:3, Funny)
Re: (Score:2)
Re: (Score:2, Insightful)
Re: (Score:1)
Implying a knee-jerk "I use android hurr-durr" thread constitutes a discussion.
Re:I've already hacked this patch (Score:4)
> I have an iPad, and the only apps I've installed were Angry Birds (free version), and a bit more advanced calculator
That doesn't mean what you think it does. It actually means that you are even less married to PhoneOS than someone that might be motivated to jailbreak it. Jailbreakers are not "haters". They are people that like Apple products well enough to go to great lengths to continue using them rather than just using Android.
You are like a Windows user that can faked out by fvwm95.
Re: (Score:1)
If you're referring to Android being spyware, sorry but Apple does just as much and the teleco's do more spying then all the spyware combined.
Thought Jailbreaking was legally allowed? (Score:1)
I thought it was only unlocking a phone to use it on any carrier that recently became "illegal" due to a change at the library of congress.
IIRC there was a court case or some legislative action a year or 2 ago that made it illegal for manufacturers to stop people from jailbreaking their phones.
How is Apple geting around this, assuming I'm not misinformed? If they are just "fixing bugs" they should have the "Allow apps from anywhere" option that sFurbo mentioned above long ago!
This is written on a MacBook bu
Re: (Score:3)
The Customer is always right, damn it! (Score:1)
When *I* pay $700 for a phone, it will be used the way *I* want to use it, not the way the company I bought it from recommends. Shit, they go beyond simple recommendation, they FORCE me to use it their way. Kudos to the jailbreaking teams around the world for giving me what the company that sold me the product failed to give me.....freedom.
It's pretty simple, really. If you are that concerned about their security flaws, then upgrade. As a developer myself, I can guarantee you that there are more bugs/flaws
Re: (Score:2)
When *I* pay $700 for a phone, it will be used the way *I* want to use it, not the way the company I bought it from recommends.
Yeah but, you would also expect a $700 phone to do everything out of the box so that there is no need to jailbreak and modify it yourself.
So why are they not.... (Score:2)
Cracking the Apple TV 3? I can not believe that that platform is completely secured from hackers.
Jailbreaking is a real issue... (Score:1)
I hope Apple manages to patch every single bug that would allow jailbreaking. They had a pretty good run with the iPhone 4s and 5, clocking in at 98 days and 136 days respectively.
Too many people buy iOS devices based on the premise they'll be able to jailbreak them in order to make full use of the hardware they bought. And that rewards Apple and its walled garden model, which is beyond broken. Sadly many consumers are too complacent, lazy or stupid to care they are only renting their iPhone or iPad. In 201
Apple loves them numbers in their keynotes (Score:2)
Billions of songs donloaded
1 million applications available
18 million Jailbreaks.
Priceless.
Biased article - it fixes passcode bug (Score:3)
Apple didn't release the patch "to break the jailbreak", but to solve a more severe bug - that someone can take your locked phone and break into it.
Fixing the jailbreak (it was fixing one of the many exploits it relied on) could have been a side effect, or on purpose, but the main fix was to fix the damn privacy flaw.
Of course, everyone concentrates on the jailbreaking aspect, and not the real reason for the fix that everyone knew was coming (and has been demonstrated weeks ago).
Re: (Score:1)
Apple gets to fix a 'security bug', and make it so a jailbreak no longer works. This makes them look good(tough on security), and keeps the walls up. As your casual user who knows just enough to *want* other software(or, say enabling tethering on an iDevice with it disabled?), but not enough time/knowledge to find the latest jailbreak, will just keep it stock.
Those 18m downloads are the people that:
1) Own an iDevice
2) Updated this month
3) Needed a
Re:FFS (Score:4, Insightful)
How are they going to produce jailbreaks if they report it?
It would be irresponsible of them to deliberately collaborate with restricting user freedoms.
Re: (Score:2)
Re: (Score:3, Insightful)
How are they going to produce jailbreaks if they report it?
It would be irresponsible of them to deliberately collaborate with restricting user freedoms.
I don't care about jailbreaks, I'm not going to install one anyway. Ever. I do care about security flaws in the operating system that is installed on hundreds of millions of devices.
It's plenty flexible enough for me without jailbreaking. I can compile and install my own apps without going through the store. You just have to have a developer account (which is not very expensive).
Re: (Score:2)
The flaws are "fixed" enough already. If you were to even try to touch any of my hardware (phone, computer, laptops, anything), your arm will be broken in multiple places long before you have the chance to perform a local privilege escalation exploit :P
I mean you act like this is a bug in a network daemon or something!
Re: (Score:2)
I do care about security flaws in the operating system that is installed on hundreds of millions of devices.
As far as I can tell, every flaw they "use" is tethered, and there's never been malware that used any of them. The only way they decrease the security of your device is if you manually jailbreak it, which is not an accidental process, then manually install malware. If you are so sure you'll never jailbreak your device, then you are sure you'll never be attacked through those iOS bugs.
Re:FFS (Score:5, Insightful)
there's never been malware that used any of them.
That you know of.
Re: (Score:2)
Security flaws, yes... (Score:2)
Re: (Score:2)
I don't care about jailbreaks, I'm not going to install one anyway. Ever. I do care about security flaws in the operating system that is installed on hundreds of millions of devices.
Blame Apple for creating a situation where there are many users who, unlike you, do care about jailbreaks. If this were any other piece of software, publishing the vulnerability would have been a no-brainer. But as it is, there is a conflict of interest - even more so as people who do find those vulns are also more likely to want to jailbreak.
If you don't like this arrangement, well, it's not like iOS is the only mobile platform out there...
Re: (Score:1)
That's a benefit, not a burden.
Re: (Score:2)
No. (Score:5, Insightful)
Fuck no.
For fucking millionth time, the only way to not deliberately collaborate with restricting user freedoms is to not fucking buy the restricted stuff in the first place.
You buy DRM'ed shit - you give the DRM producer money. The fact that you intend to use hacks to circumvent the DRM later only sends a clear message: "We're doing fine, we just need to clamp down on them hackers harder".
This is not fighting for freedom, this is entitlement complex. I could somewhat understand looking to break DRM when non-DRM media in some class is nonexistent or virtually nonexistent - like in DVD video case, but not in cases like smartphones or, say, videogames. You're not entitled to it. Just say "fuck you" to them and their shiny toys and go play elsewhere - the playground is huge and alternatives are plenty.
Re: (Score:2)
I'm entitled to tell you to fuck off.
"Voting with your dollars" (Score:1)
Re: (Score:2)
The responsible thing to do for those who are against Apple's walled garden is to not buy or use iOS devices and not producing any software that enables others to do so.
Re: (Score:2)
How are they going to produce jailbreaks if they report it?
It would be irresponsible of them to deliberately collaborate with restricting user freedoms.
Apple hates us for our freedoms!
Re:FFS (Score:5, Insightful)
I hate it when people cry foul when Apple patches a jailbreak method. I find visiting a web page or opening a PDF that can root your device then automatically installs binaries and run them without user intervention that has full access to your whole phone quite worrying.
I do wonder if someone has maliciously used a jailbreak methods on their own web site, installing binaries remotely without the user knowing, and then taking data. How do you find out if this has happened?
Re: (Score:3, Interesting)
The exploit used by evasi0n to gain root is a missing permissions check in USB backup/restore.
So unless your web page or PDF somehow magically plugs a iPhone into a properly prepared host... nope.
Re: (Score:1)
I do wonder if someone has maliciously used a jailbreak methods on their own web site, installing binaries remotely without the user knowing, and then taking data. How do you find out if this has happened?
The exploit used by evasi0n to gain root is a missing permissions check in USB backup/restore. So unless your web page or PDF somehow magically plugs a iPhone into a properly prepared host... nope.
I'm pretty sure you can root iOS (or any other mobile OS) using vulnerabilities that do not require the device to be USB connected so his point still stands.
Re: (Score:3)
I hate it when people cry foul when Apple patches a jailbreak method. I find visiting a web page or opening a PDF that can root your device then automatically installs binaries and run them without user intervention that has full access to your whole phone quite worrying.
At least with the iPhone and other Apple devices, all but the original tiff bug for jailbreakme.com have required installing a jailbreaking software package and cabling the device to your computer in order to accomplish the jailbreak.
You can get malicious software through the approves install channels very rarely (Apple generally disallows PhoneGap type software, which requires a captive custom UIView in order to cause problems via DNS redirection), so you mostly see malicious software in places where the m
Re: (Score:2)
Does Apple force upgrades on you? I don't believe it does but I don't own the device so I could be wrong.
My husband is still running iOS5 on both his iPhone and iPad because he hasn't gotten around to updating them. So no they don't 'force' you to update. However the updates are bundled and once you say yes you will get every interim update to the current version without the ability to pick and choose which updates you apply.
Personally I have no issue with keeping my phone 'jailed'. I have no urge to jailbreak it, there's nothing I want to do with it that requires jailbreaking and it is theoretically less vuln
Re: (Score:2)
First off, I doubt that you've seen that malware for Android. You've heard about it from others. Many of those 'others' who keep on claiming Android is about to be taken over by malware
Re:FFS (Score:5, Insightful)
Of course, the easy way around the dilemma would be to insist on only paying money for hardware you actually own, not quasi-lease, which is the only option Apple wants for iOS hardware.
Re: (Score:2, Interesting)
Bullshit. Most users are perfectly happy with the device. A few - very few, though vocal on this site - wants to do something they were never promised, and those few put the majority in danger. Granted, chances are, the flaws would not be know currently otherwise, but sitting on a flaw for your egoistical reasons is a bad reason.
Re: (Score:2)
A few - very few, though vocal on this site - wants to do something they were never promised, and those few put the majority in danger.
What, did they introduce the flaw in question into iOS code base? Was a midnight raid on Apple campus to get to their source control servers involved?
No? Then why are you complaining about them? The only party at fault here is Apple itself, since it 1) introduced the flaw in question, and 2) created an environment where said flaw is actually a feature. Of course people who find that flaw and want to jailbreak (and people who are able to find and exploit such flaws do want to jailbreak) will use it for their
Re: (Score:2)
if you sign up for a developer account (dirt cheap compared to your monthly phone bill)
I pay $3 for my monthly phone bill. Developer account is $99 or $8.25/mo. That's not dirt cheap even in comparison.
Besides, why exactly should I pay a third party to run code on the device that I own, again?
Re: (Score:2)
... should have been $30, not $3.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Don't you have the option to remain jailbroken, jailbreak, or not update to the newest iOS at any given time to keep your JB? If Cydia apps are worth more to you than the increased functionality/methods for appstore apps, then your path seems rather obvious.
Until your device requires a warranty replacement, it fails, falls in the toilet, or whatever. Apple is militant about selling devices with the latest iOS version. You'd have to find a store that hasn't been restocked prior to the last update to avoid having the latest and greatest iOS on your device. So that isn't the perfect solution. It works for most people, most of the time, however.
Re: (Score:1)
This would clearly be the case if Apple did not insist on locking down devices in ways the consumers don't want. I
...in ways a minority of consumers doesn't want. The vast majority just don't seem to give a shit about jailbreaking.
Re: (Score:2)
If the phone was locked in a way I didn't want, I wouldn't have one. I got this iPhone 4 almost 2.5 years ago, and I'm still pretty happy with it.
I jailbroke it because I wanted to test out the Auxo app switcher. I only bothered with Evasi0n because it's simple. If it had involved any other steps, I wouldn't have done it. And as it happens, nothing that I tested while my phone has been jailbroken has been worth me keeping the phone jailbroken for. When the next half-way significant patch comes out, I'll upd
Re: (Score:3)
They did.
The security flaws were hurting iOS users, so they reported them using their tool.
The reason security flaws are reported is in order to protect the users, not the vendor.
Re: (Score:2, Flamebait)
This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.
If they didn't know what people wanted I'm assuming they wouldn't be selling so well.
Re: (Score:3)
This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.
If they didn't know what people wanted I'm assuming they wouldn't be selling so well.
If people were happy with their devices being locked up and restricted I'm assuming 18 million of them wouldn't have used this jailbreak in a little over a month. That number seems like it includes a lot more than just geeks and hobbyists.
Re: (Score:2, Interesting)
I think it mostly includes kids who want to pirate stuff.
Re: (Score:2)
May be their iPad was bought by their parents for their own use, and then the kid installs the jailbreak.
Comment removed (Score:5, Insightful)
Re: (Score:3)
The install base of iOS is 300 million plus. Also, how many of those 18 million, 200.000 are unique device jailbreaks and how many are dupes? It seems to me that most iOS users don't bother to jailbreak. Those 18 million are certainly not many enough to force Apple to and abandon jailing.
18 million people sought out and used the jailbreak, that's significant because this isn't something they can just go get at the app store.
For every one of those 18 million how many others do you think didn't because they didn't want to void their warranties? Or they (rightfully) didn't want to risk installing malware or bricking their phone by blindly installing some hack from an unknown 3rd party? Or they didn't feel comfortable or technically competent enough to mess with the core software of their dev
Re: (Score:1)
The install base of iOS is 300 million plus. Also, how many of those 18 million, 200.000 are unique device jailbreaks and how many are dupes? It seems to me that most iOS users don't bother to jailbreak. Those 18 million are certainly not many enough to force Apple to and abandon jailing.
18 million people sought out and used the jailbreak, that's significant because this isn't something they can just go get at the app store.
For every one of those 18 million how many others do you think didn't because they didn't want to void their warranties? Or they (rightfully) didn't want to risk installing malware or bricking their phone by blindly installing some hack from an unknown 3rd party? Or they didn't feel comfortable or technically competent enough to mess with the core software of their device?
And then consider all of the people who would have used the jailbreak but simply didn't learn about it during the 6 weeks of its existence.
I'm a computer scientist, I know how to jailbreak iOS, I could even develop my own jailbreaks If i was inclined to spend enough of my spare time on it but I still haven't jail-broken my iPhone or iPad simply because so far I have been perfectly satisfied with the software selection on iTunes (heretical I know but there it is). The only thing that could possibly motivate me to jailbreak/root my iDevices is (a) Apple disables the ability to import mp3/mp4/pdf files or (b) I get curious enough about the inner
Re: (Score:1)
Well I know several iphone owners and only 2 who jailbreak (not myself). The reason is simply: access to pirated stuff. Nothing to do with freedom. They agree that for them the stock library is more than good enough. I've heard that before that piracy is a big interest for many jailbreakers.
Myself I find it strange that it is ok to buy an excellent but expensive gadget, and then find the few dollars for the occasional app purchases too much.
Re: (Score:2)
Re: (Score:2)
The catch is that while sites like /. are full of people who are vocal about caring, most of the customer base just simply doesn't. Hell, I highly doubt it's actually 18 million people. Given that for instance I'd be counted in that number, except I don't jailbreak my current device. I only jailbreak older devices just to mess with it.
Plus a lot of those are going to be the same people jailbreaking multiple devices.
But lets assume for a second there really are 18 million customers who jailbreak: Then tho
Re: (Score:2)
I've jailbroken my phone using Evasi0n. I'll probably be going back to an un-jailbroken version soon (i.e., when a new patch drops that I care about).
I jailbroke the phone to have access to Auxo. Turns out Auxo crashes on the iPhone 4 constantly (which I reported to the dev; he said they were working on it...they may have already fixed it). I tried a few other things in the meantime: Jukebox, Bulletin, Dashboard X, etc. All they did was make my phone slower and give me no appreciable extra functionality. Bu
Re:FFS (Score:5, Interesting)
Re: (Score:1)
Its apple tart! http://en.wikipedia.org/wiki/Apple_pie Not Appletard, that not even a word.You Slashtard!