• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • iOS 6 Mobile Safari Users Affected by JavaScript Bug


    If you’ve used Safari on your iOS 6 device lately (and chances are likely that you have), than you’ve probably noticed the new app banners that pop up on several sites whenever that site has a related app. The folks over at AppleInsider are reporting that it looks like the new banners have the ability to fiddle with your user settings without your consent. It seems like the new banners have the ability to re-enable JavaScript even if you’ve manually shut off the service on your iOS device.

    Security expert Lisa Myers of Intego told the publication that the issue isn’t necessarily a troubling one, at least not yet that is. She had the following to say regarding the situation:

    At the moment it doesn’t pose a thread, but we’ll continue to monitor it to make sure it doesn’t become more exploitable. There’s also the fact that few people actually disable JavaScript completely as it can partially, or totally, disable the majority of websites.
    The simple act of re-enabling JavaScript isn’t an alarming privacy issue, so you don’t have to worry from that perspective. However, the fact that the new feature tweaks device settings without even informing the user about the change is a bit annoying and surprising at the same time. Hopefully, there isn’t any underlying security vulnerability that would deem our iOS devices unsecure.

    Source: AppleInsider
    This article was originally published in forum thread: iOS 6 Mobile Safari Users Affected by JavaScript Bug started by Akshay Masand View original post
    Comments 19 Comments
    1. bmwraw8482's Avatar
      bmwraw8482 -
      ...or more jailbreakable?
    1. ecd5000's Avatar
      ecd5000 -
      That does make you wonder if this could be used for a userland jailbreak?
    1. 01GLS's Avatar
      01GLS -
      Jailbreakme 4.0
    1. KraXik's Avatar
      KraXik -
      Comex, are you reading this? Hint, hint!
    1. Jj2345's Avatar
      Jj2345 -
      Can someone alert comex on his twitter,maybe it's nothing special but who knows
    1. dsg's Avatar
      dsg -
      It's a burned exploit if it ever was one and because its been found and reported about Appl£ will be working on a fix for it
    1. KraXik's Avatar
      KraXik -
      Quote Originally Posted by dsg View Post
      It's a burned exploit if it ever was one and because its been found and reported about Appl£ will be working on a fix for it
      So what if they fix it? They can't force me to update.
    1. Mrteacup's Avatar
      Mrteacup -
      It can only re-enable your javascript it doesn't have access to your files etc. too bad i love the safari based jailbreaks jailbreak me was awesome
    1. dsg's Avatar
      dsg -
      Quote Originally Posted by KraXik View Post
      So what if they fix it? They can't force me to update.
      true, but whats with the attitude

      edit: I don't think the devs would use it though because it's been burned, if it even was a exploit
    1. KraXik's Avatar
      KraXik -
      Quote Originally Posted by dsg View Post
      true, but whats with the attitude

      edit: I don't think the devs would use it though because it's been burned, if it even was a exploit
      Attitude? Lol.

      Text is text. You perceive it from the way you read it.
    1. Eonhpi's Avatar
      Eonhpi -
      Comex cant jailbreak any apple idevice im pretty sure that was in the contract after he left apple could be wrong tho
    1. Jato_BZ's Avatar
      Jato_BZ -
      Quote Originally Posted by Eonhpi View Post
      Comex cant jailbreak any apple idevice im pretty sure that was in the contract after he left apple could be wrong tho
      Surely he will be running his own JB, all those Devs will be...
    1. dsg's Avatar
      dsg -
      Quote Originally Posted by KraXik View Post
      Attitude? Lol.

      Text is text. You perceive it from the way you read it.
      ok, feck you!!!!

      how does that come across? I typed it with a smile on my face not really believing what I typed
    1. KraXik's Avatar
      KraXik -
      Quote Originally Posted by dsg View Post
      ok, feck you!!!!

      how does that come across? I typed it with a smile on my face not really believing what I typed
      You're really clever. Good job.
    1. Shigoroku's Avatar
      Shigoroku -
      Quote Originally Posted by Jj2345 View Post
      Can someone alert comex on his twitter,maybe it's nothing special but who knows
      It's not an exploit that can be used for jailbreaking. JavaScript is enabled by default and the overwhelming majority of users leave it that way. Some people can't stand anything but static web pages and they disable JavaScript.

      This "exploit" simply allows some web pages to use JavaScript while you have it turned-off in Safari preferences.
    1. Mrteacup's Avatar
      Mrteacup -
      Quote Originally Posted by Eonhpi View Post
      Comex cant jailbreak any apple idevice im pretty sure that was in the contract after he left apple could be wrong tho
      I guarantee comex still has rights to jailbreaking just not helping create jailbreaks for the next year or so, because he can't be releasing info on apples products he helped develop etc. once their is software that he wasn't working with etc. he will be able to exploit etc.
    1. Frostbite's Avatar
      Frostbite -
      Quote Originally Posted by KraXik View Post
      Comex, are you reading this? Hint, hint!
      Comex is no longer allowed to work on jailbreaks, it's part of the deal he signed with apple even though he is not working for them anymore
    1. KraXik's Avatar
      KraXik -
      Quote Originally Posted by Frostbite View Post
      Comex is no longer allowed to work on jailbreaks, it's part of the deal he signed with apple even though he is not working for them anymore
      Sure, but if he could post it under a different name. Xomec, perhaps?
    1. Frostbite's Avatar
      Frostbite -
      Quote Originally Posted by KraXik View Post
      Sure, but if he could post it under a different name. Xomec, perhaps?
      Doubt he would risk the legal troubles. He wouldn't be able to take any donations either.