iPhone jailbreak exploit 'sweet' and 'scary,' says researcher
Perfect for drive-by attacks that hijack unsuspecting iPhones and iPads, says noted bug finder
Computerworld - The exploit used to jailbreak Apple's newest iPhone operating system is both "beautiful" and "scary," a noted vulnerability researcher said Monday.
"Jailbreak" is the term that describes the practice of hacking an iPhone to install apps not authorized by Apple.
Miller is a well-known security researcher with a reputation for hacking Macs and iPhones. A three-time winner at the annual Pwn2Own contest, and one of the three researchers who uncovered the first iPhone vulnerability in July 2007, Miller also demonstrated last year how to compromise an iPhone simply by sending a text message.
But he tipped his hat to comex, the Safari flaw comex found and the exploit the researcher crafted.
Miller said he does not know comex, or the researcher's real name.
JailbreakMe 2.0 can be installed by browsing to the jailbreakme.com site with an iPhone, iPod Touch or iPad running iOS 4.0.1 or earlier. Moving the slider to the right kicks off the jailbreaking process.
"Not only does this elevate to the root, giving you complete control of the iPhone, but it breaks out of the sandbox," said Miller in an interview Monday, referring to the isolation technology designed to block rogue code from escaping the mobile Safari browser.
"There's no shell on the iPhone, so [comex] had to do all that himself to get control," Miller continued. "He elevated to root, turned off all code signing, broke out of the sandbox...all in the payload of the exploit.
"And it works every time. Not just a few times out of a hundred. But every time."
As proof, several people, including Miller, have posted photographs of jailbroken iPhones in Apple's own retail stores, the devices hacked by customers who browsed to jailbreakme.com.
In one of his tweets, Miller added, "Scary how it totally defeats Apple's security architecture."
- Carmakers put Apple's CarPlay in the slow lane
- What matters in the fall smartphone lineup: brand, display size, battery life, LTE
- Why HTC put Windows on its M8 smartphone
- iPhone 5C's China bust raises questions about Apple's pricing for '14 models
- China scrubs Apple's iPad and MacBooks from government buying list
- Navdy's planned heads-up car display works with iPhone or Android
- Circle the date: Apple's iPhone 6 event slated for Sept. 9
- Stable Mac prices fuel reliable profit engine
- Apple will 'set the world on fire' with iPhone 6 sales
- The other Apple economy: $2B in devices on eBay
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!