or Connect
AppleInsider › Forums › Mobile › iPhone › Hackers release browser-based 'jailbreak' for iPhone 4
New Posts  All Forums:Forum Nav:

Hackers release browser-based 'jailbreak' for iPhone 4 - Page 2

post #41 of 179
Quote:
Originally Posted by Mazda 3s View Post

I don't think I'm alone when I say that looks hideous.

it may look hideous, but someone must like it. at least with a jailbroken phone you have that choice.

there are definitely better themes out there that look great. if a cheap ass ghetto phone can have more than one theme, why can't an iphone?
post #42 of 179
That this exploit exists and was called out in this fashion is very, very disturbing.

I can barely believe that a Safari exploit permits this kind of action.

Apple: where are your OS and QA security departments?
post #43 of 179
Quote:
Originally Posted by DrDoppio View Post

Relax. If a software update doesn't fix the issue, then a press conference surely will. Most likely, million dollar labs are behind the security of iOS4. Plus, it's a challenge for the entire mobile industry, as you can see from this thread: http://forums.appleinsider.com/showt...hreadid=111796 (well, their problems may not be as specific, but having a browser exploit to hack your phone just marks the spot.)

Best reply ever.
post #44 of 179
Quote:
Originally Posted by akhomerun View Post

possibly a huge security flaw, but remember, all iphones come with the same root password by default (i think it's still "alpine"). i think this fact probably makes it easy (but i also thought without jailbreaking, you have no access to root at all. i'm fuzzy on the whole thing).

Technically you should not have access to root (By manufacture design) however if one of two things can take place, you can gain root. If the root password is known, it can be gained. The other way is for an exploit to hook into a function of the phone that has superuser access and gain superuser access for itself through what is called privalage escalation. Either situation means giving full access to the device in terms of what can be executed and what parts of the system can be written. Jailbreaking and rooting are essentially the same thing looking at the big picture.

I should point out that jailbreaking an iPhone and rooting an Android phone both are a means of gaining superuser (root) access to modify the file system to allow for changes to be made in parts of the phone you nomally cannot change, and to allow actions to be performed that would have been restricted from running on the default systems account. Hence on either device you can make modifications to the OS, load on a different custom rom, and run programs that you would not have been allowed to run. Gaining root is a Unix term, and for those who didn't know, the iPhone runs on Unix, and Android on Linux (a Unix clone). Our phones are not so different ;P
post #45 of 179
Quote:
Originally Posted by Mazda 3s View Post

I don't think I'm alone when I say that looks hideous.







Better?
post #46 of 179
Quote:
Originally Posted by mavis View Post

Best reply ever.

Thanks
post #47 of 179
It reminds me of the days where everything was simple where there were only a few things to download and the ios line was nothing big.Where there was no android and Blackberry was the popular phone.the 1.0 days were the best
post #48 of 179
Could the android users please remind me what's the advantage of Android again? Other than being a Verizon user and there is no choice, what reason is there to buy any Android phone and suffer the lack of software, now that iPhones just gained a huge increase in all the Apps that Apple rejected for either moral or competitive reasons?

It would seem the Library of Congress just destroyed the reason for Android to exist......
post #49 of 179
Why not just Dev-Team releases browser-based 'jailbreak' for iPhone 4?

I know there's a difference between 'hackers' and 'crackers' but the general public will latch on like a scared schoolgirl and deem any 'hacker' to be doing something bad. We've actually got the opposite here, they're doing something good. They're providing freedom of choice and legally I might add.

All we need is some glorified idiot to get some airtime on TV saying that with their hacked iPhone they can now steer a satellite to drop out of the sky with pinpoint accuracy onto a nuke plant or something.

What these guys are doing is nothing short of pulling the damn bug out of Checkov's ear in Star Trek's Wrath of Khan.
post #50 of 179
Quote:
Originally Posted by AppleADayKeepsDrAway View Post

Could the android users please remind me what's the advantage of Android again? Other than being a Verizon user and there is no choice, what reason is there to buy any Android phone and suffer the lack of software, now that iPhones just gained a huge increase in all the Apps that Apple rejected for either moral or competitive reasons?

It would seem the Library of Congress just destroyed the reason for Android to exist......

IDK, different reasons for different people. For me, it was because there is plenty of software available (not a lack of it, android just dosn't have 100 of essentially the same app yet), and because we have a setting to allow non-market apps to be installed without having to root/jailbreak. I am sure other people have other reasons, but really, I think it comes down to preference. Sure, certain things are just as restrictive as the iPhone, but all and all, it is a lot less restrictive, and some of us enjoy our widgets and live backgrounds, or ability to install a new homescreen without having to jailbreak. Either they are features you want, or ones you don't. If you dont want them, an iPhone is a great option really, but make no mistake, you can customize many aspects of the phone without needing to root it.

Also, as far as I am aware, pretty much any carrier has at least one android phone. Verizon just probably has the most.
post #51 of 179
Quote:
Originally Posted by storneo View Post

What could possibly be so important to run on your IP to take such a risk? I can understand using another network, but what apps could someone want that badly?

If for no other reason I would jailbreak my phone so that I can have a different SMS alert to the limited and rather hideous ones that Apple have imposed. In my group of friends it is nearly 100% iPhones - I want an SMS alert that is unique to me. Why Apple have not allowed such a basic action is beyond belief.

I can modify the carrier name to use their logo rather than a word. For a phone that is as much about aesthetic as functionality, you'd think carrier logo's would be standard.

iProtect - gives password access at app level so I can control what can & can't be opened. There is no app with the same functionality in the app store.

And then there's Activator - when you've configured this app and become accustomed to swipe or tap shortcuts it is painfully hard to go back to not having them. For example, at least twice daily I need to turn off the silent vibrate as well as sound - so I have to open home screen, find then open settings, open sounds flick two buttons and at least two home button presses to exit and then press the power button to sleep - or one swipe. So 4 times a day I have to go through either that laborious series of clicks or one swipe. That is just one of the shortcuts I have in Activator. I would happily pay for that ability but there is nothing in the app store that has the same functionality. On jailbroken phones Activator is free.

These 4 reasons alone make my iPhone use a much more satisfying experience, yet they can't be done under Apple's lockdown. So I'll jailbreak without hesitation.
post #52 of 179
For me to jailbreak I would have to see something I MUST HAVE, which APPLE doesn't offer.
By the way being that APPLE licenses the software by jailbreaking the Iphone you void the warranty.
post #53 of 179
Quote:
Originally Posted by BUSHMAN4 View Post

...
By the way being that APPLE licenses the software by jailbreaking the Iphone you void the warranty.

Interesting... IANAL, so I must ask: can using the Safari browser void the warranty? Is this mentioned in the EULA?
post #54 of 179
I think having Android hiking the bar up is great for competition. Makes for better consumer products whey they're trying to out do each other. Would Apple have even released their quasi-multitasking and other features if all they had to compete against was Palm? Or RIM? Or Nokia? Or Windows Mobile 6.5?

As for me running a Jailbroken iPhone. My must-have JB apps are:
1. Action Menu (sweet multiple clipboards of goodness)
2. MyWi 4.0 (tethering on a 5GB grandfathered in plan)
3. GV Mobile + (Multiple Google Voice accounts are crap without it, plus the web GV sucks)
4. AutoSilent (broke the damn silent switch on my 3G)
5. Backgrounder (works better than Apple's multitasking)
6. Rotation Inhibitor
And many more niceties. Apple killed WiFi Analyzer from the App Store and it doesn't run on iOS4, but WiFiFoFum works great.

Except for MyWi Apple could probably allow all of the above and AT&T wouldn't give a duck about it and it wouldn't cost Apple anything either.
post #55 of 179
Quote:
Originally Posted by Masterz1337 View Post







Better?

Are you joking? Especially with that first one... \
post #56 of 179
Quote:
Originally Posted by Trymee View Post

If for no other reason I would jailbreak my phone so that I can have a different SMS alert to the limited and rather hideous ones that Apple have imposed. In my group of friends it is nearly 100% iPhones - I want an SMS alert that is unique to me. Why Apple have not allowed such a basic action is beyond belief.

I can modify the carrier name to use their logo rather than a word. For a phone that is as much about aesthetic as functionality, you'd think carrier logo's would be standard.

iProtect - gives password access at app level so I can control what can & can't be opened. There is no app with the same functionality in the app store.

And then there's Activator - when you've configured this app and become accustomed to swipe or tap shortcuts it is painfully hard to go back to not having them. For example, at least twice daily I need to turn off the silent vibrate as well as sound - so I have to open home screen, find then open settings, open sounds flick two buttons and at least two home button presses to exit and then press the power button to sleep - or one swipe. So 4 times a day I have to go through either that laborious series of clicks or one swipe. That is just one of the shortcuts I have in Activator. I would happily pay for that ability but there is nothing in the app store that has the same functionality. On jailbroken phones Activator is free.

These 4 reasons alone make my iPhone use a much more satisfying experience, yet they can't be done under Apple's lockdown. So I'll jailbreak without hesitation.

I do agree with your last point but the other seem frivolous. The SMS looks like iChat which seems ok (a matter of preference) though it may be nice to have some customizations. I don't understand why the carrier name is a big deal and I don't understand the benefits of your third point.

To me the benefits of a jailbreak is that you get tethering, a carrier unlock to use your iPhone overseas and for widgets. Then again I'm a minimalist who wants the best available features without the complexity.
post #57 of 179
Where is davesw on this? For the last few days all we've heard is how insecure Android is and how iOS is fortress. His silence speaks volumes.
post #58 of 179
To be fair he was talking tethering. The fact that AT&T charges you an extra $20 for the privilege of tethering - without increasing the 2 GB limit - is BS. The data is the same whether it goes through the phone or your computer. Why does AT&T give a rat's behind, other than they see the opportunity to get an extra 20 bucks.

Quote:
Originally Posted by jragosta View Post

So your argument is that you should jailbreak your phone so that you can get access to services that you have not paid for? Thanks for confirming the common belief that people jailbreak their phones mostly so they can steal something.
post #59 of 179
Safari has more security flaws than the Death Star.

Stand by, stand by...
post #60 of 179
Just curious, but is there an App on Cydia that's similar to LittleSnitch?

Disclaimer: I use it to monitor and control what's going in and out of my Mac, since I have an ultra-slow Internet connection.
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
post #61 of 179
Doh.. hectic day at the office today Apple
post #62 of 179
Quote:
Originally Posted by Mazda 3s View Post

I don't think I'm alone when I say that looks hideous.

You may not be alone, but definitely not everybody. I personally would not JB, but do like some of the ideas/apps that are available for those that do. Pet peeves imo - ios4 multitask is poor, yes it works, but very cumbersome(if it's just suspended, why is it in the tray, no option to only allow certain apps to multitask); no tethering(-20 bucks), some widgets or special home screen info, lack of alert customization.
Hokey religions and ancient weapons are no match for a good blaster by your side, kid.
Reply
Hokey religions and ancient weapons are no match for a good blaster by your side, kid.
Reply
post #63 of 179
Quote:
Originally Posted by DrDoppio View Post

Just avoid visiting that website.

Yeah but if one website can gain root access using a zero-day exploit Apple haven't patched then other sites can too and steal all your data or worse like dialing out.

I'm picturing a lolcat in a browser window with the caption 'I is in ur browzer stealing ur contactz'.

I think this jailbreak release was delayed so that Apple wouldn't just patch it immediately and it would block the 4.01 updates.
post #64 of 179
Even if you can trick Safari in to running your code, how come Safari is running as a user that can modify the OS files in the first place? Given Safari's (and other browsers) track record shouldn't it have a low privilege account?
post #65 of 179
Quote:
Originally Posted by euler View Post

Maybe the hack was written in HTML5?

I like your style!
post #66 of 179
Quote:
Originally Posted by str1f3 View Post

I do agree with your last point but the other seem frivolous. The SMS looks like iChat which seems ok (a matter of preference) though it may be nice to have some customizations. I don't understand why the carrier name is a big deal and I don't understand the benefits of your third point.

To me the benefits of a jailbreak is that you get tethering, a carrier unlock to use your iPhone overseas and for widgets. Then again I'm a minimalist who wants the best available features without the complexity.

Agreed on the tethering and unlock, I have used them when travelling. Like you, my preference is to be able to do things as quickly as possible with the least amount of complexity - hence the use of Activator to make one swipe actions for something that would normally be 10 taps/swipes.

Believe me, when you're with a group of 10 iPhone users that all prefer the same SMS alert because it's the only decent one, the ability to have a unique alert is a godsend - when i receive one I know it's for me and everyone else is spared having to check if it was their phone!

The carrier logo makes enough of a difference to the look that nearly everyone comments on it - it was more about the fact that with a jailbroken phone, I have that choice. iProtect is one of those "horses for courses" - invariably people ask to look at your iPhone, I prefer the confidence of knowing that personal or confidential information that I may have in notes, Todo lists, photo's or particular apps cannot be accessed because they are password protected.

Quote:
Originally Posted by str1f3 View Post

So your argument is that you should jailbreak your phone so that you can get access to services that you have not paid for? Thanks for confirming the common belief that people jailbreak their phones mostly so they can steal something.

Contrary to your rather lame & narrow minded comment - not everyone jailbreaks to pirate or engage in illegal activity, I do so to give the iPhone I OWN, the functionality I want - and guess what, it's not illegal. I have paid for all the apps & media on my iPhone that attract a fee so I resent your generalisation. Perhaps you need to take the rose coloured glasses off because there's a whole big world outside of the one Steve wants you to see!
post #67 of 179
Don't pee in your panties, jailbreakers. You're now allowed to post your rubbish.

We mean Apple no harm.

People are lovers, basically. -- Engadget livebloggers at the iPad mini event.

Reply

We mean Apple no harm.

People are lovers, basically. -- Engadget livebloggers at the iPad mini event.

Reply
post #68 of 179
Quote:
Originally Posted by akhomerun View Post

ugh, it's silly that patents like this can exist. still, you're right.

we need patent law reform, especially for software.

I'm not against software patents. People make a wide swath on this issue when they choose to deliberately ignore the Human Interface Guidelines design of the UI and how it particularly interacts with the operator and then the actual code to use that seemingly straight forward action which does interact with sensors and more.

If Apple wrote a one-click like Amazon, then I'd agree. This patent is part of a particular design of real-time embedded environments and something entirely different than Amazon's link service via a Browser.

If you think no one is going to patent, and rightly so, control systems software and the UI design for say future space control panels you're crazy. They should get the patent on it.

The only way we ever get rid of Patents is if the world suddenly becomes Star Trek and the need to accumulate wealth has become obsolete.
post #69 of 179
Quote:
Originally Posted by lkrupp View Post

Wait until a real bad bug gets loose and pwns jailbroken iPhones along with user data, password, and account numbers.

I wonder who will get the blame? Is there any question who it will be? What will the trolls attack as an insecure, useless device? Who will the tech blogs go after? The iPhone Dev-Team? The ass hat users who compromised their phones? The malware author? Nope. We all know who they will go after don't we.

You know, I was just on Engadget and all them a**holes were saying they were JBing their iphone 4. Man what suckers. They have zero assurance that the stuff they're putting in their iphone ain't some special malware or virus.
The writing is on the wall. They are going to get so screwed!!!!!
post #70 of 179
Quote:
Originally Posted by Trymee View Post

Agreed on the tethering and unlock, I have used them when travelling. Like you, my preference is to be able to do things as quickly as possible with the least amount of complexity - hence the use of Activator to make one swipe actions for something that would normally be 10 taps/swipes.

Believe me, when you're with a group of 10 iPhone users that all prefer the same SMS alert because it's the only decent one, the ability to have a unique alert is a godsend - when i receive one I know it's for me and everyone else is spared having to check if it was their phone!

The carrier logo makes enough of a difference to the look that nearly everyone comments on it - it was more about the fact that with a jailbroken phone, I have that choice. iProtect is one of those "horses for courses" - invariably people ask to look at your iPhone, I prefer the confidence of knowing that personal or confidential information that I may have in notes, Todo lists, photo's or particular apps cannot be accessed because they are password protected.



Contrary to your rather lame & narrow minded comment - not everyone jailbreaks to pirate or engage in illegal activity, I do so to give the iPhone I OWN, the functionality I want - and guess what, it's not illegal. I have paid for all the apps & media on my iPhone that attract a fee so I resent your generalisation. Perhaps you need to take the rose coloured glasses off because there's a whole big world outside of the one Steve wants you to see!

Yeah, the ones that don't have the talent to make their own tech. You're argument is lame. You are the one that went to a site and downloaded code from people you don't know. That has fail all over it. Can you be certain that the sh** you used to JB your iphone ain't capturing and sending your sh** out to China? Russia? I hope you get taken for a fat ride.
post #71 of 179
Quote:
Originally Posted by zorinlynx View Post

Umm, doesn't this mean that a malicious website could also "jailbreak" the iPhone and install a rootkit, then do really bad things with your phone, steal your information, call 976 numbers, and so on?

I'm all for jailbreaking the phone but it's a bit scary that you can run code in a browser to do it. This just waiting for someone to exploit some high profile commercial site and pwn hundreds of thousands of iPhones...

That is the plan!!!
post #72 of 179
Quote:
Originally Posted by druble View Post

There have been worms in the past that have affected jailbroken phones (Remember the iPhones that got rick rolled?). While becoming infected with a virus or root-kit may be easily resolved by reloading the phones OS, the damage of all your contacts and pictures potentially being stolen, app store purchases, phone calls or sms messages to paid services is a little harder to undo so quickly. Especially if an virus that affects jailbroken phones also loads on an extra one that infects your computer when you connect your phone to it to try to reload the phone.

Not trying to fear monger, but as a rooted Android owner, I fully understand what the implications of my actions could entail, and if you are going to jailbreak, you cant sit back and believe there is an undo button if you get hit with a virus. You need to understand that you have compromised your security further, and you must take extra precautions to protect yourself that that average user would not take. Educating yourself as much as possible before doing such an activity will go a long ways, so don't just jailbreak because you can because it is so easy to do.

who are you going to go to with a JB iphone suffering a virus? Yo mama?Who made the exploit to JB the iphone? You don't fu***** know! Where are they from? You don't fu**** know!
Talk about Apple's security? Ha! The idiots that went to some damn clandestine website to install code to JB a phone are the biggest loser around here.
post #73 of 179
Quote:
Originally Posted by jb2017 View Post

I've JB two iPhone 4's and after the install is complete everything works fine. When you need to restart your iPhone 4 you lose two key features, FaceTime and MMS. I've heard you can do a restore to get it back but i've not been able too.. Let me know if anyone else has the same probs or has a work around

Depending on your definition of "everything" and "works" I suppose...

I wonder if I can mod my bumper to get neon undertray lighting effects...
post #74 of 179
Quote:
Originally Posted by shadash View Post

To be fair he was talking tethering. The fact that AT&T charges you an extra $20 for the privilege of tethering - without increasing the 2 GB limit - is BS. The data is the same whether it goes through the phone or your computer. Why does AT&T give a rat's behind, other than they see the opportunity to get an extra 20 bucks.

Who cares about whether you think it's fair or not?

AT&T gives you a contract. You agree to the contract. The contract does not allow tethering.

You have 2 choices:
1. Choose a different carrier (and phone).
2. Obtain an iPhone with AT&T contract under false pretenses and violate the contract.

Sorry, but #2 is completely unethical and tantamount to theft. You're taking a service you didn't pay for.

Quote:
Originally Posted by maccherry View Post

who are you going to go to with a JB iphone suffering a virus? Yo mama?Who made the exploit to JB the iphone? You don't fu***** know! Where are they from? You don't fu**** know!
Talk about Apple's security? Ha! The idiots that went to some damn clandestine website to install code to JB a phone are the biggest loser around here.

They'll go to Apple, of course. And then they'll write their impassioned pleas in their silly little blogs that the iPhone is junk.

Quote:
Originally Posted by Mazda 3s View Post

1) It starts downloading the jailbreak software witha progress bar
2) Once downloaded, it presents another status bar to show the installation process
3) After that, it presents a message saying jailbreak was successful.
4) It then adds Cydia to your homescreen
5) You're done. It doesn't even force you to reboot

That looks like a serious problem. Safari shouldn't have access to root. I'm sure it will be addressed, so enjoy your jailbreaking now.

Quote:
Originally Posted by akhomerun View Post

it's unfair to be charged for tethering. there are no longer any unlimited data plans with at&t. if you stay below your data quota, you are using the same amount of data, why should you have to pay extra to tether your device? why pay a monthly fee to unlock a feature that costs the phone company $0? it's highway robbery.

phone companies should WANT you to tether, then you have a better chance of running over your data quota and then they can charge you outrageous overage fees.

If phone companies want you to tether, why don't they allow it? Seems to me that AT&T knows what it wants more than you do?

Is it fair? Who knows? But you signed a contract with AT&T saying that you could not tether. If you don't like it, get your phone service from someone else. It's not like AT&T is the only phone company on the planet.

Quote:
Originally Posted by akhomerun View Post

i find it disturbing how against jailbreaking the appleinsider community is. there is no potential for permanent phone damage, and it doesn't even void your warranty because you can just restore to an official firmware and there's no way apple can know that you jailbroke your phone.

Really? No one ever bricked a phone by jailbreaking it? No one opened their phone up to malware by jailbreaking?

And no one ever took a jailbroken phone to an Apple Store to ask for help - causing Apple to spend time and money on it?

Apple reported that the cost of jailbreaking is significant. They shouldn't have to deal with that. The rest of us shouldn't have to deal with crap like the reports of malware on the iPhone - malware that only got there by jailbreaking the phone. It makes the iPhone look insecure.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #75 of 179
Woohoo, have been without MyWi since iOS 4's release., it's the only reason I ever found to jailbreak my iPhone.

Thank you iPhone Dev team!
iPad, Macbook Pro, iPhone, heck I even have iLife! :-)
Reply
iPad, Macbook Pro, iPhone, heck I even have iLife! :-)
Reply
post #76 of 179
Quote:
Originally Posted by Marvin View Post

Yeah but if one website can gain root access using a zero-day exploit Apple haven't patched then other sites can too and steal all your data or worse like dialing out.

I'm picturing a lolcat in a browser window with the caption 'I is in ur browzer stealing ur contactz'.

I think this jailbreak release was delayed so that Apple wouldn't just patch it immediately and it would block the 4.01 updates.

It doesn't gain root access.
post #77 of 179
Wow they keep making this easier and easier...........

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #78 of 179
I've got a 3GS w/ 4.01 and I got boot neuter and ultrasn0w but bootneuter bombs out and I can't seem to find the run option for ultrasn0w to unlock my phone - little help please?

Thanks!
post #79 of 179
Quote:
Originally Posted by ascii View Post

Safari has more security flaws than the Death Star.

Stand by, stand by...

So you're saying it has a small hole only a Jedi could hit?
post #80 of 179
All I can say is wow...just wow. The fact that something like this can run straight from a web browser is unbelievable to say the least. Makes me wonder how much of apples security is "perceived" and only waiting for somebody to take advantage.

If I was steve jobs, there's be a crap storm this morning in the safari team office
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Hackers release browser-based 'jailbreak' for iPhone 4