Panic as @comex Releases JailbreakMe Source


In a move that is sparking hysterical reactions from mainstream journalists and tech bloggers, the Dev-Team's @comex has released the source code of his JailbreakMe "star" exploit, which made use of vulnerabilities recently patched by Apple in iOS versions 4.0.2 and 3.2.2. With pundits calling the public release of @comex's work "dangerous" and making dire predictions of imminent "attacks," one could wonder why Apple, Inc., which left second-generation iPhones and first-generation iPod touches vulnerable in the new release, is being spared from criticism. The only recourse for users of older devices - of course - is to jailbreak.

JailbreakMe relies on a hole in Mobile Safari that lets @comex's code break out of the "sandbox" and get root on an iOS device. What 4.0.2/3.2.2 did was patch the CFF font-parsing hole and block @comex's IOSurface root-escalation exploit... for any device that can run those versions of firmware, that is. Any device older than an iPhone 3G or a second-gen iPod touch is still out in the cold. In response, @saurik is working on a patch that will protect jailbroken devices. Until that Cydia package is ready, the tweak that @cdevwill created will pop up an alert if any other code attempts to use a similar exploit.

Which brings us to @comex's release. Mainstream tech news sites have reacted with shock and dismay, with Computerworld warning of the "evil uses" the now-useless exploit could be put to, darkly claiming that "It may not be long before comex's work is turned into a weapon for attacks that gain 'root' access, or complete control, of iPhones and iPads." The article further cluelessly states that "Apple's desktop operating system includes the FreeType font engine." (It doesn't.) PCWorld puts the FUD right up front, in the title of an article posted at 5:40 am: "Malicious Attacks Coming Soon." PCWorld's Tony Bradley also somehow decrees that it's "ironic" that another Dev-Team member is working on a patch for the users that Apple ignored. Is that like rain on your wedding day, or a free ride when you've already paid, Bradley?

The benefit of open systems to improving security has been clear for some time, at least to experts who don't work at One Infinite Loop. Whitfield Diffie, one of the inventors of public-key cryptography and the former head of security at Sun Microsystems, calls BS on software makers' claim that their code is more secure because it's secret. As Diffie wrote in Risky Business: Keeping Security a Secret, "it's simply unrealistic to depend on secrecy for security in computer software." Until Apple opens its system, the only way to find and fix the vulnerabilities is through the efforts of people like @comex and Charlie Miller. All the hysteria is just a case of blaming the messenger, rather than focusing on the real security problem in iOS: secrecy.
This article was originally published in the forum thread "Panic as @comex Releases JailbreakMe Source", started by Paul Daniel Ash.

66 Comments

Cer0:
Quote Originally Posted by KartRacer:
^

You obviously forget that XP is almost ten years old and Service Pack 3 was released about two years ago. The original iPhone and the 3G aren't nearly as old, and this is a known exploit that can completely take over your phone. They are completely ignoring their users, and the people being raked over the coals for making this public are the ones being blamed. There are ZERO reasons Apple couldn't patch this in an update; they actively choose not to in favor of you buying another product that was just as vulnerable.
Desktop OS and mobile OS play differently. Desktop OSs are used by businesses as a main source for everything. Companies don't want to change OSs and reprogram and ensure that things work right every couple of years.

Mobile OSs are not as important to a business because they do not run the whole company; they are not relied on to make sure it is able to run for the day.

Quote Originally Posted by rhekt:
@Comex just widely exposed the exploit. This caused it to get patched. And now it's fixed. In a roundabout way he fixed the vulnerability.
Correct, and this is what many whitehat hackers do all the time. They find an exploit and let the company know; then, if it isn't fixed in a certain amount of time, they expose the exploit in order to get the company to fix it.

LastSonOfKrypton:
Quote Originally Posted by kayvong8:
A free ride when you're already late.
Don't ever quote Alanis Morissette on these forums again.

mortopher:
Quote Originally Posted by Tyronal:
How is a 3-year-old phone any different than XP OS 2 years ago? It was totally up to date then, not ten years old!
Well, on that 2-year-old OS I can enable, disable, modify, etc. just about every facet of the OS, including installing and using an entirely different browser than what comes built-in (not so much on iOS, where you are stuck using the knowingly vulnerable Safari). Even after the official OS support ends, there are many third-party sources that still produce fixes and such for the OS.

Now, on that 3-year-old phone, the exploits are essentially stuck there, completely vulnerable. One may point out that this can be fixed by installing Saurik's patch, but in order to do so you have to jailbreak the phone, thereby doing something that Apple has a track record of showing they are vehemently against.

Manufacturer support is less and less important the more open a system is, but on an entirely locked-down and "jailed" system such as iOS, it's an entirely different scenario.

DinoBravo:
So I have a question: if you used Spirit to JB your phone, flashed your system, then used sn0wbreeze to install a custom IPSW for 4.0, do you still need the patch? Logic says that now that the exploit has been used, all phones are vulnerable, correct, even if you didn't use JailbreakMe to JB your phone? On a 3GS, btw.

Thanks in advance

mortopher:
Yes, you need the patch.

Tyronal:
Quote Originally Posted by paganizonda83:
Well, on that 2-year-old OS I can enable, disable, modify, etc. just about every facet of the OS, including installing and using an entirely different browser than what comes built-in (not so much on iOS, where you are stuck using the knowingly vulnerable Safari). Even after the official OS support ends, there are many third-party sources that still produce fixes and such for the OS.

Now, on that 3-year-old phone, the exploits are essentially stuck there, completely vulnerable. One may point out that this can be fixed by installing Saurik's patch, but in order to do so you have to jailbreak the phone, thereby doing something that Apple has a track record of showing they are vehemently against.

Manufacturer support is less and less important the more open a system is, but on an entirely locked-down and "jailed" system such as iOS, it's an entirely different scenario.
And what about the security vulnerabilities in IE on the last release of XP? They're still there, open and unpatched, especially if you're running Flash, which, as any person knows, has bigger holes than the Exxon Valdez. IE had a poor record for vulnerabilities, more than the mobile version of Safari so far. They're both browsers on unsupported systems (iOS 1st-gen phone) with vulnerabilities; I can't see how that's an entirely different scenario, unless you have a bias one way or the other. (Was my spelling OK this time?)