• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Here's Why You Should Update to iOS 7.0.6 if You Haven't Already


    iOS 7.0.6 was released a couple of days ago with a fix for a really nasty SSL connection verification bug that could leave you susceptible to man-in-the-middle attacks on wireless networks from people with malicious intent snooping on your Web activity.

    Since SSL connection verification is commonly used in secure Web communication for Web sites like PayPal and other banking or money-handling Web sites, having this bug would have left you wide open to an inexperienced "hacker" that wants to listen in on your Web activity and steal information, or worse, money.

    The vulnerability affected many iOS devices on different firmware versions, and Mac OS X machines are also still plagued by the bug. While Apple released iOS 7.0.6 to fix the problem on iOS devices, they have not yet answered the Mac OS X community and are expected to in the near future.

    Notably, iOS 7.0.6 can still be jailbroken by evasi0n7, so if you haven't updated to iOS 7.0.6 yet, we would highly recommend that you do go through with the update so that you protect yourself from the nasty SSL connection verification bug. iOS hacker pod2g announced on Twitter yesterday that the bug can affect your security in Mobile Safari, Mail, Facebook, Twitter, and Messages among several other different kinds of applications:





    Pod2g also recommends updating to iOS 7.0.6 instead of installing some home-brew fix for the SSL connection verification bug, as this is ultimately the safest and most secure way to go about things.

    Since OTA (over the air) updating is disabled on devices jailbroken with evasi0n7, if you're already jailbroken on an earlier version of iOS, then you should download the update through iTunes. You should perform an iTunes backup of your iOS device to save all of your user settings and personal data before going through with the update, and you can right-click on your device on the left sidebar of iTunes and click "transfer purchases" to make sure that all of your apps, music, and other content gets transferred to your library.

    After you've backed up your iOS device and everything on it, you can then place your device into DFU mode and restore to the iOS 7.0.6 firmware you downloaded. Once the restore is finished, you can choose to restore your iOS device from a backup in iTunes, and you can select the backup you made prior to the restore.

    After your device is running iOS 7.0.6 and your settings, applications, and media have all been restored and synced, you can launch the latest version of evasi0n7 (version 1.0.6), which was released just yesterday with support for iOS 7.0.6, and you can jailbreak your iOS device and re-download all of the jailbreak tweaks that you had installed prior to updating your iOS device. Because you made a backup, all of your jailbreak tweak settings should all still be there and you shouldn't have to reconfigure them (I didn't have to for mine).

    For a guide on how to jailbreak your iOS 7.0.6 device, whether you're re-jailbreaking or jailbreaking your iOS 7.0.6 device for the first time, you can follow this link.

    If you plan on going through with the update, you should do so soon. iOS 7.1 is reportedly launching in the middle of March and it patches the evasi0n7 jailbreak. You should get yourself to iOS 7.0.6 soon so that you're not forced to upgrade to iOS 7.1 when it comes out. Once it's out, Apple won't sign iOS 7.0.6 anymore.

    Sources: pod2g
    This article was originally published in forum thread: Why You Should Update to iOS 7.0.6 if You Haven't Already started by Anthony Bouchard View original post
    Comments 26 Comments
    1. KraXik's Avatar
      KraXik -
      So if I only use secured wifi and 3G, I'm safe?
    1. Anthony Bouchard's Avatar
      Anthony Bouchard -
      Quote Originally Posted by KraXik View Post
      So if I only use secured wifi and 3G, I'm safe?
      With any kind of wireless connection, you are at risk. No encryption is flawless. But unsecured Wi-Fi networks are one of the most common and vulnerable places that people get attacked at.
    1. Lobi_Earl's Avatar
      Lobi_Earl -
      I am still on 6.1 and will definitely NOT update, so is there a possibility to manually fix the bug on my phone in security.framework?
    1. Anthony Bouchard's Avatar
      Anthony Bouchard -
      Quote Originally Posted by Lobi_Earl View Post
      I am still on 6.1 and will definitely NOT update, so is there a possibility to manually fix the bug on my phone in security.framework?
      Pod2g suggests that fixing the problem yourself or using third-party fixes is not a good idea. The best way to go about this situation is to update the firmware.

    1. buggsy2's Avatar
      buggsy2 -
      The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

      After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.
    1. Jj2345's Avatar
      Jj2345 -
      I'd love to update but I'm getting a 2005 error code since I'm jailbroken,I'd have to edit my host file or something like that,which Never worked for me
    1. matthewmspace's Avatar
      matthewmspace -
      I updated as soon as I got the time to. I hate starting over (unless it's for an x.0 beta), but with this, I totally did it. I advise everyone to get this update and then maybe a VPN like Cloak or something for public wifi.
    1. politicalslug's Avatar
      politicalslug -
      It takes a whole day to transfer everything back to my 64GB iPhone. I'm really not looking forward to this update. Likewise on my 64GB iPad, but I can live without that for a day.
    1. xWalmartCandyx's Avatar
      xWalmartCandyx -
      Is this really worth all the trouble of backing up data, restoring, updating, and re-jailbreaking? Can't i just use a VPN for SSL Connections?
    1. Fafner's Avatar
      Fafner -
      Exactly what I did as well. Hassle-free PKGBackup is great.


      Quote Originally Posted by buggsy2 View Post
      The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

      After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.
    1. Anthony Bouchard's Avatar
      Anthony Bouchard -
      Quote Originally Posted by xWalmartCandyx View Post
      Is this really worth all the trouble of backing up data, restoring, updating, and re-jailbreaking? Can't i just use a VPN for SSL Connections?
      Is it really a hassle though? It took me all of 1 hour to complete, and I did 3 devices.

      And I really think it's worth it. If you're going to fix it, it's always better to fix it right.
    1. wolverinemarky's Avatar
      wolverinemarky -
      Ugh I really don't want to unjailbreak and rejailbreak but sounds like it would be wise to so guess I will start the process
    1. buggsy2's Avatar
      buggsy2 -
      Quote Originally Posted by politicalslug View Post
      It takes a whole day to transfer everything back to my 64GB iPhone.
      You must be restoring+updating your iPhone to factory condition in iTunes, then jailbreaking, then recovering from backup. In the first step do only the "Check for Update" not "Restore iPhone". The whole thing should take 1 or 2 hours, the shorter time if you use a Cydia backup app like PKGBackup.
    1. mlee19841's Avatar
      mlee19841 -
      Went smoothly. Wonder what 7.1 is going to be like.....
    1. steve-z17's Avatar
      steve-z17 -
      Thank you Anthony for this important information. I will update right away.
    1. bisayakid07's Avatar
      bisayakid07 -
      PkgBackup is a savior
    1. swifty7's Avatar
      swifty7 -
      hackers can look at my iphone all they want. I never put personal or critical info in my phone anyway. I don't have the patience to do everything all over again specially with 7.1 looming.
    1. vartanarsen's Avatar
      vartanarsen -
      Quote Originally Posted by swifty7 View Post
      hackers can look at my iphone all they want. I never put personal or critical info in my phone anyway. I don't have the patience to do everything all over again specially with 7.1 looming.
      Exactly…if hacker wants to see my text to Wifey, asking what grocery items are needed from Stop and Shop, then by all means, look all you want!! haha
    1. 2moon's Avatar
      2moon -
      Many apps/tweaks I had on 7.0.4 don't seem to work on 7.0.6 or I can't even find on my sources (MultiIconMover+).
      Now did I miss something here or developers have to release a compatible version of their apps to work with 7.0.6?
    1. 2moon's Avatar
      2moon -
      Quote Originally Posted by 2moon View Post
      Many apps/tweaks I had on 7.0.4 don't seem to work on 7.0.6 or I can't even find on my sources (MultiIconMover+).
      Now did I miss something here or developers have to release a compatible version of their apps to work with 7.0.6?
      Uninstalled/reinstalled BigBoss repo and apps work, I knew I had seen something about it before...