Munir Kotadia
commentary A "jailbreak" Web site created earlier this week is already attracting hordes of iPhone and iPod Touch users who want to free their devices from the digital shackles attached by Jobs and co. But is it safe?
The "jailbreakme" site itself lures visitors by promising to open up the iPhone and iPod Touch to third party applications -- a luxury currently forbidden by Apple. There is no evidence to suggest that this particular jailbreak utility is at all malicious but how long will it be before copycat sites appear that have less honourable intentions?
To use the site, each visitor effectively opens up their device to the page's owners -- trusting them with pretty much all their personal and valuable data, as well as having faith they won't abuse their control over the device's microphone and camera.
In order to give users access to the third party apps, the jailbreakme page exploits an image vulnerability in Apple's Safari browser to gain root access to the iPhone and iPod Touch's system. This allows the site to bypass all the protections placed by Apple and upload the applications. The crackers even boast the ability to patch the Safari vulnerability that makes all this possible.
It appears an innocent enough site, but surely the mention of exploiting software flaws should sound warning bells to the security-conscious.
Over the past year, numerous security experts have claimed that there are no more "trusted" Web sites. This is partially because so many legitimate Web sites have either been hacked to dish out malware or their ad supplier has been hacked to serve similar so-called drive-by downloads.
We live in very strange times.
Security people have been giving us the same advice for years -- be paranoid, don't click on suspicious links, don't visit dodgy Web sites, don't download and run unknown files.
But the desire for games and more applications is driving relatively security-minded people to point their new mobile device at a Web site that was specifically designed to exploit, hack and upload unknown software onto their system.
One of the first people I know to jailbreak their Apple device was the founder of a very well-known global security firm.
This is crazy. Do we really know what is being uploaded onto the iPhone/iPod Touch when we visit these sites? How much do we care?
So despite knowing all the dangers, I fully intend to walk eyes-open into the hack that stands before me. But before I do so, I will take the precaution of first removing all my personal information from the device and just leave the music and possibly my photos.
And you can be sure that when Apple does open the platform to "legitimate" apps early next year, I will be among the first to reformat the device and once again trust it with personal data.
Has my experience in IT security made me too paranoid? Have you used a jailbreak application? Do you store confidential information on your jail-broken device? Do you trust the hackers? Why?
Like this article? Click below to send it to your mobile for free!
Brad
01/11/2007 04:56 PM
It's not considered crazy to do something because you don't fully know the outcome or effect that the action may cause ... we'd not have this technology if that were the case. Forcing drama into something relatively old and bland seems a bit more 'crazy' in my opinion.
Report offensive content
supafly
01/11/2007 10:23 PM
Tried it on my Touch, renderd the device virtually unusable. Every thing was dead slow, the Application launcher failed to work. Restored the device via i Tunes and all is well again. I think I will wait until its got a bit "development" behind it
Report offensive content
Deady
02/11/2007 08:41 AM
To the writer - You're certainly not Paranoid, but your rudeness shows. To name-call Apple users as Greedy is just plain arrogance on your part. I suggest you choose your wors more wisely before writing your next article.
Report offensive content
Ashumz
09/11/2007 07:29 PM
Ive jailbroke my iTouch as i call it and it works fine.
Report offensive content
anon
14/11/2007 03:21 AM
and windows users haven't been doing similar things for years? why do you single apple users for being greedy?
Report offensive content
archie
03/12/2007 11:30 AM
Yeah, the greedy bit sucks, I am constantly being ridiculed by my Windows using counterparts because Mac users *pay for* their software.
Report offensive content
Unknown
09/12/2007 03:36 PM
The term greedy is misinterpreted. I don't think he intended to say ALL Apple users are greedy. Please be more tolerant to writers in the future, we all make mistakes. I do not think you are paranoid. It is good to be the type that does not just "go-with-the-flow". If I was you, I would wait a few months just in case someone discovered that the third party had planted a malware onto the device or if there are problem with it, but that's just me.
Report offensive content
ant333
12/12/2007 10:50 AM
Yeah, valid points, but the whole 'internet is not safe' theme is old and done. Let it go. Please. You have more chance of having your car stolen, IMHO. + Apple users are not greedy, how can we be when our tech costs more then PC users. Seems to be more of a 'catch your attention so you'll read my article' headline... nice try. Sensationalism is another thing to let die...
Report offensive content
Kelco
24/12/2007 02:07 AM
_-_-TRAP-_-_ Heloo, Well we all know that messing around with this tech savvy material is expensive. So be prepared to pay with either money or stressed emotions. Anytime you hack or open something you shouldn’t, there is a price to pay...KNOW WHAT YOUR DOING, & HOW TO DO IT. Going with the flow is a bad idea, in-less you've got the tech smarts to go with the flow. It is a trap, and we know it is. So do what ya want, but if you can't handle the tech code, your a victim. it is a psychology trick, get the uneducated to follow, and then ambush! If ya wanna jailbreak your ipod, learn to read and write the safari language. Get a Mac and do it your self. It really is not that hard, spend a week studying.
Report offensive content