• Your favorite








    , and
  • Here's How Jailbreakers Can Protect Themselves Against Email Phishing Attacks

    Earlier today, we reported on a phishing attack brewed from a known e-mail client vulnerability in Apple's Mail application on iOS devices that would try to get you to enter your iCloud password in a very convincing popup message that looks like something native to iOS. The problem has been present since iOS 8.1.2, but Apple's lack of acknowledging the problem led the person behind the discovery to publicize the problem further to try to push Apple into fixing it faster.

    It's pretty obvious what's going to happen here. Much like the unicode text messaging bug that crashed devices, Apple is going to want to fix the problem in a future software update. And jailbreakers don't like software updates, because they're usually anti-productive towards the cause.

    That's why the jailbreak community has once again come to the rescue, fixing a hole that Apple has failed to fix themselves for more than 6 months. iOS development team HASHBANG Productions has launched a new free jailbreak tweak called DeDirect that prevents any e-mails from allowing the loading of external HTML code that could be used to toggle those malicious password-stealing prompts.

    If you're concerned about your security and worry that the Mail application vulnerability could affect you or your security, you can grab this jailbreak tweak for free right now from Cydia's BigBoss repository. We recommend it to keep yourself 100% safe while using Apple's Mail application on your iOS device so that your Mail application will be unable to load external HTML code without your permission.

    There are no options to configure and installing it is all you have to do to protect yourself.

    Name: DeDirect
    Price: FREE
    Version: 1.0
    Requirements: iOS 8.0-iOS 8.1.2
    Tested on: iPhone 5 running iOS 8.1.2
    Repo: BigBoss
    Developer: HASHBANG Productions
    This article was originally published in forum thread: Here's How Jailbreakers Can Protect Themselves Against Email Phishing started by Anthony Bouchard View original post
    Comments 10 Comments
    1. blueaviator's Avatar
      blueaviator -
      Knowing that Apple "borrows" most of their tweaks and updates from the JB community, why wouldn't they wait as well until someone comes and creates a solution? It's easier for them to wait till someone from the JB community to do it, then they will just include it in their future updates! And cheaper also!
    1. hogcia's Avatar
      hogcia -
      Borrow? I say more like steal!
    1. MoonFighter's Avatar
      MoonFighter -
      I've made this comment before, but seriously. JB community fixes this lickity split while Apple says meh we'll fix it with our next update that will come out eventually sometime.

      Seems like if it's an exploit involving a JB it gets patched relatively quickly, while password stealing bugs and phone destroying text messages don't seem to be a priority.
    1. spectrum's Avatar
      spectrum -
      "anti-productive towards the cause".
    1. stolenpentium's Avatar
      stolenpentium -
      No longer in Cydia
    1. vinaygoel2000's Avatar
      vinaygoel2000 -
      Quote Originally Posted by stolenpentium View Post
      No longer in Cydia
      I see it.
    1. Anthony Bouchard's Avatar
      Anthony Bouchard -
      Quote Originally Posted by stolenpentium View Post
      No longer in Cydia
      You might just have to refresh your sources.
    1. elmagic's Avatar
      elmagic -
      Apple likes to stop jail breaking, but seems perfectly content to leave LEGITIMATE security vulnerabilities open. Such prioritizing. Much agree with @MoonFighter
    1. blueaviator's Avatar
      blueaviator -
      Quote Originally Posted by hogcia View Post
      Borrow? I say more like steal!
      By writting "borrow" I was trying to be polite :-) but what you wrote is what I thought! :-)
    1. thazsar's Avatar
      thazsar -
      It seems that DeDirect completely prevents me from opening any links in my email. For example, if I want to look at something from a Best Buy ad, I won't be redirected to Safari; it just does nothing... Instead, I have to copy the link and paste it into Safari. Kinda sux