Thursday, August 12, 2010


Hey everyone,

I've been asked by several people what it means when I say I have a "jailbroken" iPhone. So, I figured I'd write a blog post about it.

When someone jailbreaks an Apple device (as far as I know this only applies to the iTouch/iPhone/iPad users), they are in effect bypassing the approval system Apple uses to allow apps to be installed on their devices - the owner of a jailbroken iDevice can install applications that Apple did not approve of, and also change base system files (custom themes and the like).

Several weeks ago an Internet dweller named comex announced that his jailbreak method worked on current versions of iOS (the operating system that Apple's mobile devices use). In order to take advantage of the jailbreak, one had to visit in Safari on their device.

When you visit the website, you will see something similar to the picture below. Oddly, since my phone is already jailbroken it shows an error message instead of a "jailbreak now!" message. Don't ask me why.

All you have to do is slide the button, and then Safari downloads a .pdf file. Once the file is done downloading, Safari tries to open it. Here's where the witchery comes in. There is (or was, now - Apple released an update today fixing the flaw) a vulnerability in the way that Safari renders .pdf files that could allow someone to hide a program in the file, and have it run whenever Safari tries to open it.

The hidden program that is downloaded installs Cydia (see the pic below), which is a lot like a "black market" of apps. From here one can get many apps, from file viewers to Game Boy emulators. Several apps from Cydia allow the user to dig around in the guts of the device, seeing files that Apple never wanted you to see. Nothing scandalous here, but it allows an experienced user to alter system files that would change the "experience," as Steve Jobs would say.

That's pretty much it in a nutshell. I did this primarily so I could use Grooveshark on my phone, but two weeks later it got approved for the official app store. Figures.

I should also note that comex has made the method by which he created that .pdf file public. This means that anyone can create .pdf files like that for malicious purposes. As I mentioned earlier in this post, Apple has released an update to iOS fixing Safari's vulnerability. Only problem with updating is that you "un-jailbreak" your device. Looks like this is one of those "pick your poison" scenarios - each way you're losing something.
