+ Reply
Page 1 of 4 123 ... LastLast
Results 1 to 20 of 67

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Panic as @comex Releases JailbreakMe Source

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
In a move that is sparking hysterical reactions from mainstream journalists and tech bloggers, the Dev-Team's @comex has released the source code of his JailbreakMe "star" exploit, which made use
...
  1. #1
    MMi Staff Writer Paul Daniel Ash's Avatar
    Join Date
    Aug 2009
    Location
    Union Square, Somerville, Mass.
    Posts
    919
    Thanks
    6
    Thanked 995 Times in 401 Posts

    Default Panic as @comex Releases JailbreakMe Source


    In a move that is sparking hysterical reactions from mainstream journalists and tech bloggers, the Dev-Team's @comex has released the source code of his JailbreakMe "star" exploit, which made use of vulnerabilities recently patched by Apple in iOS versions 4.0.2 and 3.2.2. With pundits calling the public release of @comex's work 'dangerous' and making dire predictions of imminent "attacks," one could wonder why Apple, Inc., which left second generation iPhones and first-generation iPod touches vulnerable in the new release, is being spared from criticism. The only recourse for users of older devices - of course - is to jailbreak.

    JailbreakMe relies on a hole in Mobile Safari that lets @comex's code break out of the "sandbox" and get root on an iOS device. What 4.0.2/3.3.2 did was to patch the CFF hole and block @comex's IOSurface root escalation exploit... for any device that can run those versions of firmware, that is. Any device older than an iPhone 3G or a second-gen iPod touch is still out in the cold. In response, @saurik is working on a patch that will protect jailbroken devices. Until that Cydia package is ready, the tweak that @cdevwill created will pop up an alert if any other code attempts to use a similar exploit.

    Which brings us to @comex's release. Mainstream tech news sites have reacted with shock and dismay, with Computerworld warning of the "evil uses" the now-useless exploit could be put to, darkly claiming that "It may not be long before comex's work is turned into a weapon for attacks that gain "root" access, or complete control, of iPhones and iPads." The article further cluelessly states that "Apple's desktop operating system includes the FreeType font engine." (It doesn't.) PCWorld puts the FUD right up front, in the title of an article posted at 5:40 am: "Malicious Attacks Coming Soon." PCWorld's Tony Bradley also somehow decrees that it's "ironic" that another Dev-Team member is working on a patch for the users that Apple ignored. Is that like rain on your wedding day, or a free ride when you've already paid, Bradley?

    The benefit of open systems to improving security has been clear for some time, at least to experts who don't work at One Infinite Loop. Whitfield Diffie, one of the inventors of of public-key cryptography and the former head of security at Sun Microsystems, calls BS on software makers' claim their code is more secure because it's secret. As Diffie wrote in Risky Business: Keeping Security a Secret, "it's simply unrealistic to depend on secrecy for security in computer software." Until Apple opens its system, the only way to find and fix the vulnerabilities is through the efforts of people like @comex and Charlie Miller. All the hysteria is just a case of blaming the messenger, rather than focusing on the real security problem in iOS: secrecy.
    Last edited by Paul Daniel Ash; 08-12-2010 at 11:06 AM.

  2. The Following 10 Users Say Thank You to Paul Daniel Ash For This Useful Post:

    ambo (08-12-2010), Borischan (08-12-2010), Chere613 (08-13-2010), ianbroste (08-12-2010), iAye (08-13-2010), Jahooba (08-12-2010), jamriman (08-12-2010), mortopher (08-12-2010), reaves205 (08-12-2010), rkisling (08-12-2010)

  3. #2
    Green Apple
    Join Date
    Jul 2007
    Posts
    49
    Thanks
    5
    Thanked 6 Times in 2 Posts

    I support comex's decision. Open is better

  4. The Following 5 Users Say Thank You to ambo For This Useful Post:

    coolguy742 (08-12-2010), Dash-2 (08-12-2010), milesneptune (08-13-2010), ProZack27 (08-12-2010), rkisling (08-12-2010)

  5. #3
    What's Jailbreak? zoomspeed05's Avatar
    Join Date
    Jun 2008
    Location
    orlando
    Posts
    13
    Thanks
    1
    Thanked 1 Time in 1 Post
    Scariesssss

  6. The Following User Says Thank You to zoomspeed05 For This Useful Post:

    SirTimothy1 (08-12-2010)

  7. #4
    Green Apple
    Join Date
    Nov 2007
    Location
    New York
    Posts
    85
    Thanks
    9
    Thanked 8 Times in 6 Posts

    I'm sure he has his reasons for releasing it.

  8. #5
    Green Apple tremerone's Avatar
    Join Date
    Dec 2009
    Location
    Bathroom stall
    Posts
    95
    Thanks
    4
    Thanked 20 Times in 15 Posts

    Isn't this what it has been from the beginning?! Exposing the weaknesses and creating freedom! I admit the bad (or should I say wrong) press is still press nonetheless and definitely should put another kink into the chain that is Apple. Oddly enough with the news of no longer "illegal" jailbreaking and unlocking Apple continues to proceed against it and forgetting the more important issues that seem to be common around threads: the "death grip" and proximity sensors. I think for such a big company it's time to face the reality and embrace what is going on and use this a gain/gain opportunity.
    Last edited by tremerone; 08-12-2010 at 11:17 AM.

  9. #6
    What's Jailbreak?
    Join Date
    Apr 2008
    Posts
    9
    Thanks
    2
    Thanked 0 Times in 0 Posts

    So are we safe to jailbreak in Any danger?

  10. #7
    Formerly Known As rpgpromaster EddieLeonard's Avatar
    Join Date
    Jun 2008
    Location
    UK
    Posts
    1,824
    Thanks
    490
    Thanked 676 Times in 362 Posts

    what i cant see if it apple have patched it safari wouldnt emailing the pdf and opening it work and also syncing the pdf to ibooks????
    Follow me on Twitter: EddieLeonard - - - - - - - -If i have helped in anyway at all, Please click the "Thanks!" button
    Stalk me on FaceBook: Eddie Leonard

  11. #8
    Green Apple gafu's Avatar
    Join Date
    Dec 2007
    Location
    S.Jersey
    Posts
    79
    Thanks
    12
    Thanked 27 Times in 14 Posts

    Apple left an open hole,@comex screwed the hole and is telling/letting people how....Kinda saying "let's all screw Apple"

  12. The Following User Says Thank You to gafu For This Useful Post:

    Chere613 (08-13-2010)

  13. #9
    iPhone? More like MyPhone
    Join Date
    Sep 2009
    Posts
    295
    Thanks
    12
    Thanked 23 Times in 9 Posts

    Locking my front door as we speak.

  14. #10
    iPhone? More like MyPhone
    Join Date
    Jul 2008
    Posts
    127
    Thanks
    3
    Thanked 10 Times in 10 Posts

    Jailbreak users are safe as long as they install saurik's PDF Patch.

  15. #11
    dsg
    dsg is offline
    Livin the iPhone Life dsg's Avatar
    Join Date
    Jul 2008
    Posts
    1,830
    Thanks
    3,479
    Thanked 1,981 Times in 772 Posts

    Saurik has release the PDF-Patch it's up on Cydia

  16. The Following User Says Thank You to dsg For This Useful Post:

    s1l3nt (08-12-2010)

  17. #12
    Green Apple
    Join Date
    Aug 2009
    Posts
    77
    Thanks
    0
    Thanked 24 Times in 14 Posts

    OMFG we're ALL going to MF'n DIE!

    lol

  18. The Following 4 Users Say Thank You to Dizi For This Useful Post:

    jwilky (08-12-2010), oOo ANDR3W oOo (08-19-2010), ProZack27 (08-12-2010), redwolf (08-12-2010)

  19. #13
    What's Jailbreak? mole92db's Avatar
    Join Date
    Mar 2010
    Location
    UK
    Posts
    11
    Thanks
    1
    Thanked 2 Times in 1 Post
    PDF patch is already out.

    Pic: http://dl.dropbox.com/u/6747848/pdf.png

    Why have Modmyi not reported this yet so more people know about it.

  20. #14
    MMI's Official Devil Dog santacruzlocal's Avatar
    Join Date
    Mar 2009
    Location
    SC California
    Posts
    620
    Thanks
    5
    Thanked 45 Times in 37 Posts

    Put the women and children to bed and lets go looking for dinner !!! I support his decision ..

  21. #15
    Livin the iPhone Life reeko's Avatar
    Join Date
    Dec 2007
    Location
    England
    Posts
    1,564
    Thanks
    48
    Thanked 166 Times in 136 Posts

    Everytime a jailbreak is released, it is achieved through a flaw in iOS which let's the user/hacker obtain root access, which would be described as a security flaw in iOS.

  22. #16
    Green Apple Repins's Avatar
    Join Date
    Jul 2007
    Posts
    34
    Thanks
    5
    Thanked 0 Times in 0 Posts

    Open is Def better!!!

  23. #17
    What's Jailbreak?
    Join Date
    Apr 2010
    Posts
    19
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by rpgpromaster View Post
    what i cant see if it apple have patched it safari wouldnt emailing the pdf and opening it work and also syncing the pdf to ibooks????
    its a hole in safari how it handles PDF not really PDFs themself..

  24. #18
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,823
    Thanks
    551
    Thanked 515 Times in 427 Posts

    This is what Apple gets for being lazy.

  25. #19
    What's Jailbreak? chrizskizzle's Avatar
    Join Date
    Aug 2010
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    @chpwn

    Hey, security/antivirus companies: JailbreakMe exploits the browser, but it's /not/ malicious. Block actual bad sites, kthx.

  26. #20
    Go Giants whereswaldo's Avatar
    Join Date
    Jul 2009
    Location
    Toronto
    Posts
    4,382
    Thanks
    187
    Thanked 359 Times in 257 Posts

    Why are we calling him @comex? This isn't Twitter
    Name? whereswaldo
    iDevice + Firmware? 32GB Black iPhone 4 iOS 5.0
    Computer + OS? Dell Inspiron 15R 2nd Gen i5, 2.3 Ghz, 750GB HDD, 8GB RAM Windows 7 HP
    Location? Toronto
    Found yet? No

  27. The Following User Says Thank You to whereswaldo For This Useful Post:

    ggab (08-12-2010)

+ Reply
Page 1 of 4 123 ... LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts