|
A new Web-based jailbreak was released recently for iPhones and iPads running the latest versions of iOS. Users merely need to visit jailbreakme.com from an iPhone or iPad to automatically jailbreak the device, allowing them to install apps and hacks that have not been approved by Apple. However, the process relies on a vulnerability in Mobile Safari that could be likewise exploited by more nefarious hackers to access all the data on your device.
Jailbreaking has been around since the iPhone was first released—it was the only way to develop apps before iPhone OS 2.0 and the App Store appeared in 2008. It has also been used to install apps that aren't approved for the App Store, access iOS's underlying UNIX features, enable FaceTime chat over 3G and other carrier-unsupported features, or change settings that are otherwise unaccessible from the standard iOS interface. And, the Library of Congress recently ruled that defeating Apple's DRM to jailbreak an iPhone is a justified "fair use."
There are a variety of automated tools to jailbreak an iOS device, most of which require plugging a device in restore mode to a computer and running an application that performs the necessary steps to remove Apple's software locks. Jailbreakme.com, on the other hand, exploits a vulnerability in Mobile Safari to run the code necessary to jailbreak. "I wonder how long until someone figures out the actual bug I'm exploiting," the developer of jailbreakme.com wrote on Sunday via Twitter.
Not long, it seems. VUPEN Security today identified an issue in PDF handling as the flaw being exploited. A "memory corruption error" can occur when processing font data stored within a PDF file. The memory corruption can then trigger a kernel error that allows elevated privileges, bypassing the sandbox within which iPhone apps typically run. The vulnerability "could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page using Mobile Safari," which is exactly what jailbreakme.com does. The flaw is handy for easy jailbreaking, but not so good for unsuspecting users who might end up having their personal data pilfered.
The vulnerability has been identified as existing in iOS 3.x, 4.0, and 4.01, and affects iPhones, iPads, and iPod touches.
McAfee security researcher David Marcus noted that the exploit is so far only being used for jailbreaking, but could be used for many more—and far less savory—things. "This should serve as a wake-up call for anyone with a mobile device: Remote exploitation is real and here to stay," he wrote.
_________________
Those that know, don't tell. And those that tell, don't know.
So say what you mean, and mean what you say.
And if its ain't broke, don't fix it.
|
