Jailbreaking My iPhone

I performed a jailbreak on my iPhone Sunday night.

Jailbreaking is a process that allows iPad, iPhone and iPod Touch users to run third-party unsigned code on their devices by unlocking the operating system and allowing the user root access. Once jailbroken, iPhone users are able to download many extensions and themes previously unavailable through the App Store via unofficial installers such as Cydia. A jailbroken iPad, iPhone or iPod Touch is still able to use the App Store and iTunes.

Jailbreaking is against at&t’s/Apple’s policies. End of story until last week when the Librarian of Congress ruled it’s actually OK. The Library of Congress is the keeper of copyrights and this is an exemption they can issue… and did.

The jailbreak itself was incredibly easy. That’s a problem. All I did was visit a website and click one link. Too easy–seriously. It makes me very uneasy.

Someone found a security hole in the iPhone’s Safari web browser wide enough to drive a truck through. The jailbreak worked because an improperly formed pdf file was able to gain access to the ‘root’ of the iPhone’s operating system.

It was OK this time because I consciously downloaded the file. Unfortunately someone could fashion a drive-by attack using the same method (and here are some examples already tried!)! Go to a website, get infected invisibly!

This is a weakness caused by Apple’s programming. I’m astounded they haven’t immediately fixed the problem.

Obviously I have crossed purposes here. I want to jailbreak, but I don’t want others to have similar access without my permission.

I’m also upset with the writers of this jailbreak code. By openly exploiting this weakness they created a roadmap for those with less noble purpose.

A lot of the responsibility rests on Apple because their policies have limited the inherent capabilities of the iPhone. People just want to unlock what the phone can actually do. There is an incentive to delve into grey areas which Apple could easily fill.

There’s lots of blame to go around. There’s lots that’s troubling.

10 Responses to “Jailbreaking My iPhone”

  1. Peter Sachs says:

    The jailbreak writers did, in fact, reveal this exploit in the mobile Safari browser, but they also wrote and released the “PDF Loading Warner” shortly thereafter. This protects users from unknowingly downloading an alleged PDF file.

    Of course, in order to get this protection you must jailbreak your phone, as the PDF Loading Warner will only work on a jailbroken phone. So as ironic as it seems, only those who *do not* jailbreak their phones are vulnerable to the exploit.

    Therefore for now, those with jailbroken phones are safer than those without.

  2. Josh K says:

    my favorite story was the teenager who wrote an app called Handy flashlight that had a hidden functionality – free tethering of the 3G data via a socks proxy to your computer. Needless to say the app has been pulled.

  3. James Barraford says:

    I love Apple’s products. Have an iPhone, iPad,iPod, Apple tv (now that was dumb). I don’t love Apple’s policies. I understand why they want a walled off community strictly controlled by them. What they still don’t get is that goes against human nature. People want to tinker, people want to explore, people want to be look behind the curtain. I jailbroke my iPhone 2 years ago and have never blinked. All I wanted to do was multitasking, to make folders for my icons, to have extra icons in my tray, to tether. You know, all the stuff the new OS will do. People need to know that if it wasn’t for the hackers, the jailbreak community, those of us that tested the unofficial apps… there would still likely be NO app store. Apple created the app store in response to the JB community. To act as if we are outlaws has always been ridiculous. Do i trust every developer creating apps for the JB crowd? No way. Do I wait on those apps until guinea pig early testers have reported on it? You bet. But I’m getting tired of Steve Jobs’ smugness. The reality is that other than the iPod, iPhone, iPad, Apple still does not control over 90% of the computer market. They are way behind the bell curve on the TV market. Google may end up eating Apple’s lunch if they don’t watch it.
    BTW… Between Apple and ATT it’s like watching a dysfunctional family at the holidays.

  4. Peter Sachs says:

    James, you really hit the nail on the head. I agree with all that you wrote.

  5. Craig says:

    I don’t understand the risk/reward of jailbreaking. As far as I understand, you have no idea what the jailbreaking code is doing. It could be stealing all your contacts and installing viruses, keyloggers, etc…
    Would you really be surprised if that was occurring, and the funny thing is you went to that site willingly.
    I could maybe see jailbreaking iPhone rev1, you couldn’t even install an app on that thing – but it’s come so far, is it really worth the risk ?

  6. Geoff Fox says:

    Craig – you’re totally right. Thankfully there’s nothing that sensitive on my phone, but your point is well taken. This is just part of my insatiable hacker persona.

  7. James Barraford says:

    Craig, I agree to a point on the merits of jailbreaking, especially the iPhone 4. I doubt once I get mine that I will JB it. The OS Apple is bringing out gives me almost all I have now. Well, other than tethering. I use my iPhone 3g as my wifi hotspot for my iPad. for $10 I installed MYFI from Cydia and with a Wifi iPad I’m good to go. Saves a ton of monthly fees and my iPad was $130 less than the 3g version. That will likely be the only reason I would consider JB on iPhone 4. I would be happy to pay ATT a monthly tethering fee now………but they don’t offer it. Whether thats all on ATT or not doesn’t matter. Other carriers allow tethering at a reasonable price.
    Because of the possible nature of a nefarious coder I never do banking on my phone. I don’t consider my phone to be as stable and secure as my computer at home. In the end I don’t see the risk as any more than most people take everyday on their PC’s, that they take on their laptops at Starbucks, that they take using any public wifi situation.

  8. Adam says:

    Btw… If you haven’t done so already, make sure you change the default root & user passwords on the phone.

  9. meredith says:

    … then there’s the kid who jailbroke an iPhone4 display model in the Apple Store, in full view of the staff.

    http://www.geek.com/articles/mobile/iphone-4-jailbreak-done-in-apple-store-2010083/

  10. James, you can tether an iPhone now. I just did it when I purchased my iPhone 4 last week.

Leave a reply

Current day month ye@r *