Results 1 to 19 of 19

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Non-Jailbroken iPhones More Vulnerable to Malware: Study

  1. #1
    MMi Staff Writer Paul Daniel Ash's Avatar
    Join Date
    Aug 2009
    Location
    Union Square, Somerville, Mass.
    Posts
    919
    Thanks
    6
    Thanked 995 Times in 401 Posts

    Default Non-Jailbroken iPhones More Vulnerable to Malware: Study


    Slashdot reported last week on research published by Swiss iPhone developer Nicolas Seriot about security holes in unjailbroken - that's UNjailbroken - iPhones that could potentially compromise email accounts, browser history and even keytaps held in cache. The closed and unmodifiable nature of the stock iPhone OS means that malware could be carried by any app: even one legitimately purchased and downloaded from the App Store.

    In a talk on iPhone privacy in Geneva, Seriot described how a malicious application could harvest personal data on a non-jailbroken iPhone (PDF) without using private APIs. The presentation makes several suggestions to Apple on how to make the native iPhone environment more secure. For one thing, Seriot asserts that the keyboard cache on iPhones should be a OS service rather than being easily available to any app. He also recommends that the WiFi connection history be better hidden, and that the App Store reviews process be expanded to search for potential misuse of data.

    Seriot also makes the case that jailbroken iPhones can actually be more secure than stock iPhones, for the simple reason that jailbreakers have access to firewall software. The iPhone worms that were in the news not too long ago made headlines because they attacked jailbroken iPhones, but only those which still had the default SSH password. Once secured and running a firewall, jailbroken devices are harder to break into remotely than non-jailbroken iPhones. This, of course, clearly contradicts Apple’s position that jailbroken devices are more vulnerable, and so may encounter resistance in the mainstream industry press.

    Users of all iPhones - jailbroken and not - should be wary of programs from untrustworthy developers, according to Seriot: especially professionals like like attorneys, doctors, finance officers who are legally bound to safeguard the privacy of data under their control. Interestingly, he also asserts that user reviews in the App Store are crucial, since customer experiences could save others from attack or validate the integrity of a program. After the recent scandal about faked reviews on the App Store, Apple would do well to keep better control of user feedback: as a security measure, if for no other reason.

    image via geardiary.com
    Last edited by Paul Daniel Ash; 12-08-2009 at 11:25 AM. Reason: link, typo

  2. The Following User Says Thank You to Paul Daniel Ash For This Useful Post:

    reaves205 (12-08-2009)

  3. #2
    Livin the iPhone Life adp's Avatar
    Join Date
    Jan 2009
    Location
    South FL
    Posts
    1,789
    Thanks
    32
    Thanked 460 Times in 321 Posts

    This is true. But as a jailbreaker I also feel safer with apps such as firewall. This, in conjunction with changing SSH password, is safe enough for me.
    If I helped you out, please use the Thanks button ------------------------->

  4. #3
    Just another reason to jailbreak. It's sad that a company with a "Thnk Diff" logo has turned into "THE MAN"....
    32GB Black 3G[S]
    Blackra1n'd RC3

  5. #4
    I was getting tired of all of Apple's "Scare Tactics" they would use towards Jailbreakers . Its about time the truth comes out .

  6. #5
    iPhoneaholic gthugballin's Avatar
    Join Date
    May 2009
    Location
    Garden Grove, California, United States
    Posts
    439
    Thanks
    62
    Thanked 31 Times in 21 Posts

    I took off my jailbreak the other day lol..w00t time to rejailbreak (maybe) in sort of a mean way i would love for a virus to attack normal UNjailbroken iphones... that way apple can get off their high horse about never getting viruses.
    When the police want to know where someone is, they ask apple.

  7. #6
    this is something that i have allways suspected. im glad that its being put to the test
    killall Terminal[]

  8. #7
    My iPhone is a Part of Me hollow0's Avatar
    Join Date
    Jun 2008
    Location
    Tampa, FL
    Posts
    671
    Thanks
    49
    Thanked 49 Times in 39 Posts

    Well well well.. so now the non jailbroken phones are vulnerable? Interesting info. I still have not used the firewall app. I've only changed my ssh password. I'll have to look into this more.

  9. #8
    I think this article is a bit misleading. Of COURSE there can be malicious apps in the App Store. Think about it like this: Beejive, for example, can link your contacts to your screen names, and even read screen names from your contacts. Who's to say that Beejive can't snag ALL of your contact information and upload it to a remote server without even letting you know? (Of course, I have the utmost respect for the developers of Beejive; it's my favorite app from the App Store, I was just using them as an example because that's the first app that came to mind when thinking about apps that use your contacts database.)

  10. #9
    While I think jailbreaking is great, this does have to be one of the least convincing arguments I've ever seen.
    He who asks a question looks foolish for 5 minutes. He who doesn't ask a question remains foolish forever.

  11. #10
    Jailbreaking - 100

    Non-Jailbreaking - 0.1

    aww so close

  12. The Following User Says Thank You to Peemcgee For This Useful Post:

    NickFerguson (12-09-2009)

  13. #11
    Retired Moderator StealthBravo's Avatar
    Join Date
    Jan 2008
    Location
    TX  Follow me @StealthBravo
    Posts
    32,477
    Thanks
    44
    Thanked 5,328 Times in 3,113 Posts

    Quote Originally Posted by confucious View Post
    While I think jailbreaking is great, this does have to be one of the least convincing arguments I've ever seen.
    I agree. This is weak =P

  14. #12
    MMi's "X" Member awesomeSlayer's Avatar
    Join Date
    May 2008
    Location
    Dragonspiral Tower in 3DS
    Posts
    4,524
    Thanks
    114
    Thanked 347 Times in 259 Posts

    Who keeps spreading the malware on iPhones and iPod touches?!
    Asking for help is different from being stupid. Fanboys can rot in @#$%!

  15. #13
    iPhoneaholic ecd5000's Avatar
    Join Date
    Oct 2008
    Location
    Six - One - Zero
    Posts
    416
    Thanks
    6
    Thanked 19 Times in 16 Posts

    well this is a fun fact to know, what does apple have to say about this?
    *OFF TOPIC* how is the firewall program?
    Quote Originally Posted by ??????
    Hi. Does anyone know is iBlacklist available in the app store? can it only be purchased outside the app store? If so, is it hard to install? Thanks everyone.

  16. #14
    iPhone? More like MyPhone matthew1111's Avatar
    Join Date
    Aug 2009
    Location
    Texas
    Posts
    240
    Thanks
    40
    Thanked 6 Times in 6 Posts

    Go jailbreak security
    That Thanks button is there for a reason!


  17. #15
    My iPhone is a Part of Me rwin84's Avatar
    Join Date
    Nov 2007
    Location
    Orlando, FL
    Posts
    679
    Thanks
    3
    Thanked 16 Times in 16 Posts

    Long live Jailbreak
    This is getting a lil' ridiculous...

  18. #16
    Livin the iPhone Life adp's Avatar
    Join Date
    Jan 2009
    Location
    South FL
    Posts
    1,789
    Thanks
    32
    Thanked 460 Times in 321 Posts

    Quote Originally Posted by ecd5000 View Post
    well this is a fun fact to know, what does apple have to say about this?
    *OFF TOPIC* how is the firewall program?
    It's great. So far it's detected a few outgoing connections to admob and such websites, from apps that had absolutely no need for data. For example, there was one crappy app in Cydia called "PayUpBro" which I downloaded out of extreme boredom, and immiediately my firewall detected an outgoing connection to admob.com=deleted app.
    If I helped you out, please use the Thanks button ------------------------->

  19. #17
    Livin the iPhone Life tudtran's Avatar
    Join Date
    Sep 2007
    Location
    Foco, Colorado
    Posts
    1,004
    Thanks
    4
    Thanked 39 Times in 30 Posts

    Jailbreak is awesome. I wish more people would do it.

  20. #18
    My iPhone is a Part of Me hollow0's Avatar
    Join Date
    Jun 2008
    Location
    Tampa, FL
    Posts
    671
    Thanks
    49
    Thanked 49 Times in 39 Posts

    Quote Originally Posted by tudtran View Post
    Jailbreak is awesome. I wish more people would do it.
    It is awesome but then no one would have warranties

  21. #19
    iPhone? More like MyPhone
    Join Date
    Mar 2008
    Location
    indiana
    Posts
    169
    Thanks
    20
    Thanked 3 Times in 3 Posts

    cant you just load a stock fw so your warranty will still be good? the only time i ever took mine back was when i bouht the 3g becouse they were out of the 3gs's. took it back within my 30 day trial when they got them in stock. they never even looked at my old phone. i dont really know if theres a way for them to tell if it was previously jailbroken or not. just askin incase i ever have to return it in the future.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •