Originally Posted by aaarrrgggh
Personally, I am loathe to give my credit card info to a site with more relaxed internal controls than Apple. Look at the Sony attacks for starters. I am also a little nervous about the security risks of jailbreaking.
That said, I travel enough internationally that an unlocked phone is a must. Buying unlocked but still paying the same rates for a subsidized device is almost as criminal as the roaming rates the telcos charge.
Jay Freeman uses Amazon for payments, others use PayPal, and Jay issues refunds on a regular basis for shitty apps and devs that provide bad support even though he doesn't write the apps. I've had two refunds (7$ and 2$) for apps made by one developer that lied about support and then released a broken update after those apps were out for about a year. You aren't giving your credit card info to anyone that can steal it, it goes through Amazon or PayPal. You have a problem it's covered through them and Jay is extremely nice and responds to problems very quickly.
As for security problems of jailbreaking, there aren't any. OpenSSH isn't installed by default hasn't happened for a very long time and if you choose
to install it (just like anything you install on any computer or device) the packages has a popup that warns you sternly to change the SSH password ASAP. 10 second google search will tell you exactly how and SSH is as secure as it's password. Amazingly Apple hasn't changed the default SSH password since the beginning.
The attacks that were so stupidly overblown about people hacking into iPhones and changing the background were so devoid of actual facts it was infuriating. For one it only occured on iPhones that the end users chose
to install OpenSSH and ignore the many, many warnings about changing the password. No more severe than not setting a strong password on anything else. Secondly the way it was done cannot happen here in the US. The attacks were through the data address their carriers assigned to that phone on it's data plan. They just hit a huge range of those data IPs to see what came up. US carriers don't allow anyone to SSH through that data IP so it was never a threat here. The past few jailbreaks have fixed the very hole they exploited immediately, meaning that a jailbroken phone is more
secure than a non-jailbroken phone.
All this fear mongering about security issues on jailbroken iOS devices and not once
has anything happened. Not once.
Besides, every member of the Dev Team, Chronic Dev Team, @comex, @chpwn and so on are well known in that community, real names and all, that to do something that would steal info and so on would be really stupid anyway. When someone that says there is security issues with jailbroken iOS devices I always ask them for a specific
example that jailbreaking has stolen their info/something of value and then ask how many apps have been removed from the official App Store has done the same. The usual answer is something completely false, them trying to bullshit their way through the question, or a blatant 'I don't know of any but that's what people say.' There is no less security with a jailbroken iOS device than there is without it. Alot of the time it's more secure.