Hackers release new browser-based iOS 'jailbreak' based on PDF exploit - Page 2

post #41 of 74
Quote:
Originally Posted by gregord View Post

I still think that most people who make sweeping assumptions about jailbreakers are speaking about things they know nothing about. My involvement in jailbreaking ios devices goes back to late 2007 when the first jailbreak was released. I DO know a lot of people who have chosen to jailbreak their devices. While some people do it just to pirate apps, many just want tweaks and apps that are not approvable by app store. Why are you so quick to assume it is only because they are cheap? I think if you bothered to investigate you would find much evidence to the contrary. Cydia (the 3rd party store) has many apps that cost money. There are developers making money on the cydia store, many I know personally. So to rephrase your premise, people jailbreak because they are too cheap to buy $.99 apps on the app store, but are willing to buy from a 3rd party store that involves more cumbersome payment methods to get apps costing typically from $1-$10. Yeah real solid logic there, Apple ][

Why buy from Cydia when your jailbroken iphone has access to pirated versions of everything anyway?
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
post #42 of 74
Because not everyone who jailbreaks is a pirate

MyWi, MyWi and MyWi. That's really all I have installed.
post #43 of 74
Quote:
Originally Posted by hill60 View Post

Why buy from Cydia when your jailbroken iphone has access to pirated versions of everything anyway?

(there are millions of users of Cydia, but only ~5% of them make purchases from the storefront).


http://www.macnotes.net/2010/03/30/c...k-jay-freeman/
post #44 of 74
Quote:
Originally Posted by hill60 View Post

Why buy from Cydia when your jailbroken iphone has access to pirated versions of everything anyway?

Because we don't want to pirate, and there are paid apps in Cydia. There are a lot of useful free apps in Cydia as well.

What people seem to be forgetting is that you don't need to jailbreak in order to pirate. You can do so with the SDK.

Sure, some number of jailbreakers are pirates, but since you don't need to jailbreak in order to pirate obviously people, like me, see other benefits to jailbreaking.
post #45 of 74
Quote:
Originally Posted by cloudgazer View Post

The significance here isn't that it's a jailbreak - it's that it's a web based rootkit. i.e. this is a huge gaping hole in the iPhone's security model - and once again comes courtesy of the PDF reader.

The curse of Adobe strikes again!

Sorry no, this is all Apple. PDF is an open format to read and write. How you implement that is up to your programmers. The hackers create a bogus PDF file and if Apple's programmers allow that file to overflow a buffer, it is not Adobe's fault.

Life is too short to drink bad coffee.
post #46 of 74
On a related note, Microsoft is double-daring the hacker community to attempt a DDoS attack on their servers. Says it can't be done. . .

http://www.networkworld.com/communit..._pm_2011-07-06
melior diabolus quem scies
post #47 of 74
Quote:
Originally Posted by Prof. Peabody View Post

Indeed. The reaction to this news on most sites I've seen this morning is either a yawn, or a "why would anyone jailbreak anymore?"

If jailbreaking isn't already on the wane, the rise of WebApps next year and the year after will put the last nail in the coffin. It will actually be better because it will go back to being something that a techie does for laughs instead of a mock business run by 17 year old asshats.

Ad hominem attack deleted - JL

Ad hominem aside - I still was right. -MRR
post #48 of 74
Ah, AppleInsider today... I come for the news, but stay for the insults.
post #49 of 74
Quote:
Originally Posted by Apple ][ View Post

(there are millions of users of Cydia, but only ~5% of them make purchases from the storefront).


http://www.macnotes.net/2010/03/30/c...k-jay-freeman/

Personally, I am loath to give my credit card info to a site with more relaxed internal controls than Apple. Look at the Sony attacks for starters. I am also a little nervous about the security risks of jailbreaking.

That said, I travel enough internationally that an unlocked phone is a must. Buying unlocked but still paying the same rates for a subsidized device is almost as criminal as the roaming rates the telcos charge.
post #50 of 74
Quote:
Originally Posted by cloudgazer View Post

The significance here isn't that it's a jailbreak - it's that it's a web based rootkit. i.e. this is a huge gaping hole in the iPhone's security model - and once again comes courtesy of the PDF reader.

The curse of Adobe strikes again!

Quote:
Originally Posted by Splash-reverse View Post

What? Adobe security exploit again? What are they doing in there? PDF shouldn't have been this insecure.

And the one to blame is Adobe because....


Ah, yes, because the program exploited is a program developed by Adobe, using libraries done by Adobe, used in a device designed and built by Adobe.

Right?
post #51 of 74
Quote:
Originally Posted by Gwydion View Post

And the one to blame is Adobe because....


Ah, yes, because the program exploited is a program developed by Adobe, using libraries done by Adobe, used in a device designed and built by Adobe.

Right?

If that's true, Jobs must be very noisy now.
post #52 of 74
This is actually some pretty impressive work by comex and others. It's a userland jailbreak (ie. much less complicated) that covers so many devices including the previously impervious iPad 2.

Technically, I think the jailbreak community keeps Apple on its toes.

Apple locked down the iPad 2 pretty hard following all the previous jailbreak exploits.

By releasing this jailbreak now along with the patch, they've pretty much ensured Apple will close the hole as iOS 5 is released and make the iPad 2 even more secure.

Piracy is unfortunate, I buy all my apps including LockInfo and DisplayOut from Cydia, even though, yes, the cracked versions of Cydia apps are also available.

Hackers gonna hack, pirates gonna pirate.

With iOS 5 closing this jailbreak and having the features you had to jailbreak to get, iOS will only get better and will encourage more legitimate purchasing of apps.

Also, with Apple finally selling a fully unlocked iPhone 4 in the US, and increasing this avenue around the world, the need to jailbreak to carrier unlock will be diminished.

With my iPad 2 right now having full mirroring, I can't think of any need to jailbreak it. As for my iPhone 4, LockInfo and DisplayOut is still important, as is of course the essential SBSettings. Once you use SBSettings it is hard to go back. It's very convenient.
post #53 of 74
Quote:
Originally Posted by Gwydion View Post

Ah, yes, because the program exploited is a program developed by Adobe, using libraries done by Adobe, used in a device designed and built by Adobe.

A program reading a document in a format defined by Adobe, a format which has a long history of security problems across multiple platforms and multiple readers

http://en.wikipedia.org/wiki/PDF#Viruses_and_exploits

Sometimes I wonder if the acronym really stands for Payload Deployment Format.
post #54 of 74
Quote:
Originally Posted by gwlaw99 View Post

People who are appalled at jailbreakers are the same people who 3 months ago said that iPhone notifications were fine and that adding any information on the lock screen would make the iPhone into a horrible mess that only geeks (read: closet android fans) would want. People jailbreak because they want the features that jailbreaking provides.

Although there is less of a need now for JB, I would do it in a minute if I could get an important feature that has been available on many dumbphones for years: the ability to record both sides of a conversation. Several European countries will make this compulsory for business transactions soon, e.g.:

"In November, Britain's Financial Services Authority (FSA) will roll out legislation requiring all financial services companies to record their mobile phone and text correspondence. Similar legislation has been enacted across other European states, most recently in Norway, under the umbrella of the EU Markets in Financial Instruments Directive (MiFID)."

See: http://www.growingbusiness.co.uk/com...nvestment.html
post #55 of 74
Quote:
Originally Posted by cloudgazer View Post

A program reading a document in a format defined by Adobe, a format which has a long history of security problems across multiple platforms and multiple readers

http://en.wikipedia.org/wiki/PDF#Viruses_and_exploits

Sometimes I wonder if the acronym really stands for Payload Deployment Format.

Blaming Adobe for the vulnerability of Reader App on iOS is like blaming W3C for a vulnerability on Safari Browser.
post #56 of 74
Quote:
Originally Posted by LogicNReason View Post

Whenever I see people who can't appreciate the importance of work that people do FOR OTHERS it just makes me feel better about myself.



You actually think Jay Freeman and company have not made tens of thousands of dollars ensuring Cydia is always available, you are crazy.
post #57 of 74
deleted
post #58 of 74
deleted
post #59 of 74
Quote:
Originally Posted by gwlaw99 View Post

People who are appalled at jailbreakers are the same people who 3 months ago said that iPhone notifications were fine and that adding any information on the lock screen would make the iPhone into a horrible mess that only geeks (read: closet android fans) would want. People jailbreak because they want the features that jailbreaking provides.

Can you link even one post within the past two years where someone said the notification system is fine? Even the biggest iPhone fans have been fairly universal in their dislike of the current notification system...
post #60 of 74
Quote:
Originally Posted by nvidia2008 View Post

This is actually some pretty impressive work by comex and others. It's a userland jailbreak (ie. much less complicated) that covers so many devices including the previously impervious iPad 2.

Technically, I think the jailbreak community keeps Apple on its toes.

Apple locked down the iPad 2 pretty hard following all the previous jailbreak exploits.

By releasing this jailbreak now along with the patch, they've pretty much ensured Apple will close the hole as iOS 5 is released and make the iPad 2 even more secure.

Piracy is unfortunate, I buy all my apps including LockInfo and DisplayOut from Cydia, even though, yes, the cracked versions of Cydia apps are also available.

Hackers gonna hack, pirates gonna pirate.

With iOS 5 closing this jailbreak and having the features you had to jailbreak to get, iOS will only get better and will encourage more legitimate purchasing of apps.

Also, with Apple finally selling a fully unlocked iPhone 4 in the US, and increasing this avenue around the world, the need to jailbreak to carrier unlock will be diminished.

With my iPad 2 right now having full mirroring, I can't think of any need to jailbreak it. As for my iPhone 4, LockInfo and DisplayOut is still important, as is of course the essential SBSettings. Once you use SBSettings it is hard to go back. It's very convenient.

Does not work on my 4.33 3GS, will not even try on my iPad. I just wanted to see if it actually works. Did any of the sites promoting/discussing this even bother to try it and test their claims...
post #61 of 74
So, what - slow news day today?

Seriously, there is nothing wrong with jailbreaking - I don't do it on my regular devices because I need their reliability and security for my work (SOX, etc requirements) and company policy expressly disallows jailbroken devices.

But you who decry jailbreaking are silly buggers who could well be accused of unctuous self-righteousness in the extreme. And worse those jailbreakers on here who are busy writing scathing responses look even sillier!

Obviously jailbreaking has its uses, and it's a lot more secure and easier to do than before. If the jailbreaking community would spend less time opining about their David and Goliath relationship to Apple (the scale is all wrong, but it's the best example) and just enjoy the vicissitudes of the erstwhile freedom you gain in doing it, you would be far better off than burning precious minutes of your day retorting to the occasional idiocy that rears its head on a regular basis here.

The actual active jailbreaking community (as opposed to those many who are simply utilitarian incidental breakers) is a tiny fraction of the iOS user base. Surely you realize that. And don't bother to go on about "well all the people <I> know have jailbroken phones" or "there are millions of jailbroken phones on T-Mobile". Those numbers, while impressive and significant to you, are not impressive and significant in the market at large - no matter how much you wish it to be so. And it's OK.

Everyone keep your toys in your sandboxes and stop throwing sand at each other. Apple uses input and feedback from a wide range of sources (including jailbreaking sites and blogs, for example) to review their security and feature strategy, among others. There is a reason why Apple is Apple and, well, you are you. When you can stand your company up toe-to-toe with Apple and deliver as many products across the range of users they have to support, you then have bragging rights. Until then everyone is entitled to an opinion. And all opinions are NOT created equal.

Peace.
If you are going to insist on being an ass, at least demonstrate the intelligence to be a smart one
post #62 of 74
Quote:
Originally Posted by MacRulez View Post

True. From GIF, PNG, JPEG, and many other binary file formats have been used to deliver malicious payloads. Negligent error-checking in the software that reads such formats does not mean that the formats themselves are inherently insecure.

Those were generally buffer overruns and also generally limited to a few platforms - PDF includes javascript and so it's far more intrinsically insecure. They were not issues intrinsic to the file format, they were issues with PHP and the like that could be exploited with the file format - there is a difference. The JPG case was in fact a traditional exe virus that used JPGs to distribute payload.

Quote:
Moreover, if it was the case that this ISO-standard format is somehow inherently insecure, what would it say about Apple's judgment that they've made PDF such an integral part of the iOS and OS X experience?

There's a distinction between display-PDF which is intrinsic to the OS and regular PDF which is not. I've not heard of any security issues with display PDF, any more than I've heard of significant security problems with Postscript.
post #63 of 74
Quote:
Originally Posted by Gwydion View Post

Blaming Adobe for the vulnerability of Reader App on iOS is like blaming W3C for a vulnerability on Safari Browser.

If the security problems are endemic to all the readers then it's fair to blame the standard. In this case it wouldn't be W3C because they never took responsibility for Javascript. Javascript is an abomination born from Netscape & Microsoft, with a side order of Sun, it's introduced security problems ever since it was created.

Adobe's inclusion of JS in PDF was completely unnecessary, so in this context I blame them.

http://www.adobe.com/support/security/#readerwin

Compare that to how many security problems Postscript suffered.
post #64 of 74
Quote:
Originally Posted by cloudgazer View Post

If the security problems are endemic to all the readers then it's fair to blame the standard. In this case it wouldn't be W3C because they never took responsibility for Javascript. Javascript is an abomination born from Netscape & Microsoft, with a side order of Sun, it's introduced security problems ever since it was created.

Adobe's inclusion of JS in PDF was completely unnecessary, so in this context I blame them.

Apple decided to make their own reader for PDF and make it system wide. They are the ones responsible for maintaining security. PDF is just a document no different than a Word document which Apple's Pages can also read to some extent. Acrobat files can contain all kinds of data just like Word files can contain Active X. The programmer of the reader software decides which types of data to read and which to ignore. If you decide to read a certain type of data within the file then you assume the responsibility of maintaining the security of that part of the interaction with the document. In this case Apple accepted the data, read it and interacted with it. When they update the OS they will fix that oversight.

Life is too short to drink bad coffee.
post #65 of 74
Quote:
Originally Posted by mstone View Post

Apple decided to make their own reader for PDF and make it system wide. They are the ones responsible for maintaining security.

Oh there's no doubt that it's Apple's problem, the point is that it's courtesy of Adobe.

Quote:
Acrobat files can contain all kinds of data just like Word files can contain Active X.

We're not talking about attachments here that can be exported to other programs that have security issues. We're not even talking about substreams that link to other applications over some sort of object model - we're talking about an intrinsic part of the file format. Completely different deal.

Quote:
If you decide to read a certain type of data within the file then you assume the responsibility of maintaining the security of that part of the interaction with the document.

This is intrinsic to the data format, you can't leave it out and still claim to be a conformant PDF reader.
post #66 of 74
deleted
post #67 of 74
Quote:
Originally Posted by cloudgazer View Post

This is intrinsic to the data format, you can't leave it out and still claim to be a conformant PDF reader.

Of course you can. An Acrobat file can contain stickies, movies, Flash, links, even web conference connections, forms, etc. Apple does not read anything except the layout. None of the advanced features are included in their reader. Yet they included enough to get themselves into trouble. Just like last time it is probably a font exploitation since fonts are linked to the core system services.

Life is too short to drink bad coffee.
post #68 of 74
deleted
post #69 of 74
deleted
post #70 of 74
Quote:
Originally Posted by Wovel View Post

Does not work on my 4.33 3GS, will not even try on my iPad. I just wanted to see if it actually works. Did any of the sites promoting/discussing this even bother to try it and test their claims...

Worked on my iPad 2 WiFi 16GB. Tried it last night. Virtually instantaneous jailbreak. Since the iPad 2 has display mirroring already, all I did was change the lockscreen and system fonts (using the free Bytafont app on Cydia). It's like an OS upgrade, having my favourite non-Apple-supplied fonts back on my iPad 2, I liked those fonts on my jailbroken iPad 1.

Small suggestion, just check the official Dev Team blog for possible solutions to why it didn't work on your 3GS.
post #71 of 74
Quote:
Originally Posted by Apple ][ View Post

(there are millions of users of Cydia, but only ~5% of them make purchases from the storefront).


http://www.macnotes.net/2010/03/30/c...k-jay-freeman/

Not all paid apps go through Jay Freeman. Some accept paypal. Had you known anything about jailbreaking and the Cydia store you'd know that. Not using the Cydia storefront doesn't mean that only 5% pay for Cydia apps.
post #72 of 74
Quote:
Originally Posted by aaarrrgggh View Post

Personally, I am loath to give my credit card info to a site with more relaxed internal controls than Apple. Look at the Sony attacks for starters. I am also a little nervous about the security risks of jailbreaking.

That said, I travel enough internationally that an unlocked phone is a must. Buying unlocked but still paying the same rates for a subsidized device is almost as criminal as the roaming rates the telcos charge.

Jay Freeman uses Amazon for payments, others use PayPal, and Jay issues refunds on a regular basis for shitty apps and devs that provide bad support even though he doesn't write the apps. I've had two refunds (7$ and 2$) for apps made by one developer that lied about support and then released a broken update after those apps were out for about a year. You aren't giving your credit card info to anyone that can steal it, it goes through Amazon or PayPal. You have a problem it's covered through them and Jay is extremely nice and responds to problems very quickly.

As for security problems of jailbreaking, there aren't any. OpenSSH isn't installed by default hasn't happened for a very long time and if you choose to install it (just like anything you install on any computer or device) the package has a popup that warns you sternly to change the SSH password ASAP. 10 second Google search will tell you exactly how and SSH is as secure as its password. Amazingly Apple hasn't changed the default SSH password since the beginning.

The attacks that were so stupidly overblown about people hacking into iPhones and changing the background were so devoid of actual facts it was infuriating. For one it only occurred on iPhones that the end users chose to install OpenSSH and ignore the many, many warnings about changing the password. No more severe than not setting a strong password on anything else. Secondly the way it was done cannot happen here in the US. The attacks were through the data address their carriers assigned to that phone on its data plan. They just hit a huge range of those data IPs to see what came up. US carriers don't allow anyone to SSH through that data IP so it was never a threat here. The past few jailbreaks have fixed the very hole they exploited immediately, meaning that a jailbroken phone is more secure than a non-jailbroken phone.

All this fear mongering about security issues on jailbroken iOS devices and not once has anything happened. Not once. Besides, every member of the Dev Team, Chronic Dev Team, @comex, @chpwn and so on are well known in that community, real names and all, that to do something that would steal info and so on would be really stupid anyway. When someone that says there are security issues with jailbroken iOS devices I always ask them for a specific example that jailbreaking has stolen their info/something of value and then ask how many apps have been removed from the official App Store has done the same. The usual answer is something completely false, them trying to bullshit their way through the question, or a blatant 'I don't know of any but that's what people say.' There is no less security with a jailbroken iOS device than there is without it. A lot of the time it's more secure.
post #73 of 74
Quote:
Originally Posted by GQB View Post

Whenever I feel down I just think about these guys who REALLY don't have lives, and feel so much better.

How do they not have lives? This is some extremely hard work that takes someone that has a very good understanding of computer science and lots of specialized skill. This isn't the only work that comex has done, he works on a wide range of systems. Very well known security expert Charlie Miller has commended this as being very well done and extremely impressive, noting the huge amount of skill and very good knowledge it takes to do this. I'd say that you have neither a life nor the intelligence to see exactly what's been done here, not just a jailbreak of iOS but someone out there is very skilled at this and asks for absolutely nothing in return. Unlike 'hackers' like the ones in LulzSec and Anonymous, these guys aren't doing it for money, fame, or revenge. They are doing it because they love the devices they own and want others to use them to their full potential. I for one really appreciate this effort because it allows me to unlock a phone I paid full price for, that alone is reason enough to give them an attaboy.
post #74 of 74
Quote:
Originally Posted by Wovel View Post

Does not work on my 4.33 3GS, will not even try on my iPad. I just wanted to see if it actually works. Did any of the sites promoting/discussing this even bother to try it and test their claims...

Any problems you might have could be very simple to fix. It appears that you didn't actually try because there are over 1 million people that have had success so I seriously doubt you 'just tried it out to see if it was possible.' It IS possible, you just didn't actually try because it's actually quite easy to do. The easiest jailbreak ever done in fact.