JailbreakMe for iPhone 4 uses PDF vulnerability, Apple investigates
Share:
The iPhone 4 web-based jailbreak solution, JailbreakMe, is both a blessing and a curse, depending from which angle you are viewing it. Regular users are surely welcoming the simplicity of it – just visit Jailbreakme.com, move the slider to mark agreement, and you are good to circumvent Apple's walled-garden approach to what you can, and cannot do with your handset.
The tool, however, is exploiting an unbeknownst vulnerability in the iPhone's Safari browser, which allows for a back door access to your handset, while opening and viewing PDF files online. A security adviser called the exploit “beautiful work”, but said it is alarming how easy it was for an outsider to gain deep access to the iPhone 4. We don't blame him for calling this an issue - it is the job of mobile security companies to instill paranoia in users, so as they can tout their own solutions or research.
It took somewhere from zero to five weeks for the guy to come up with an exploit since the June 24th launch. However, the result of all the hard work may soon become invalid, as an Apple spokesperson has confirmed for Reuters that they are looking into the Safari vulnerability, and will issue a patch to fix it soon. The cat and mouse game continues.
source: Yahoo! News
The tool, however, is exploiting an unbeknownst vulnerability in the iPhone's Safari browser, which allows for a back door access to your handset, while opening and viewing PDF files online. A security adviser called the exploit “beautiful work”, but said it is alarming how easy it was for an outsider to gain deep access to the iPhone 4. We don't blame him for calling this an issue - it is the job of mobile security companies to instill paranoia in users, so as they can tout their own solutions or research.
It took somewhere from zero to five weeks for the guy to come up with an exploit since the June 24th launch. However, the result of all the hard work may soon become invalid, as an Apple spokesperson has confirmed for Reuters that they are looking into the Safari vulnerability, and will issue a patch to fix it soon. The cat and mouse game continues.
source: Yahoo! News
Share:
4 Comments
2. Mike from NY (unregistered) posted on 05 Aug 2010, 13:40 0 0
Hm... why??? Why is Apple trying so hard and set itself up for failure? people will always jailbreak sooner or later and new handset that will ever come out. Shouldn't they concentrate on selling the device rather than how to cripple it? Weird!
3. phonedemocracy posted on 05 Aug 2010, 16:18 0 0
Well I think they're going to patch it so other programs don't utilize that vulnerability. Jailbreakme not working will just be a casualty.
4. tedkord posted on 05 Aug 2010, 20:12 0 0
Fake. Everybody knows it's physically impossible for any apple product to have any vulnerabilities, virtual, physical or metaphysical. God created the universe using iOS SDK.
