Hackers release new browser-based iOS 'jailbreak' based on PDF exploit
Hackers have once again released a "jailbreak" for iOS devices that can be completed through the Mobile Safari Web browser, taking advantage of an exploit found in the operating system's PDF reader.
The hack can be accomplished by visiting the website jailbreakme.com on an iPhone, iPad or iPod touch. It is compatible with all of Apple's current iOS-powered mobile devices, including the iPad 2 and iPhone 4.
The hack was developed by "comex," Grant "chpwn" Paul and Jay "saurik" Freeman, and is compatible with iOS 4.3 through 4.3.3 on all iPads, the iPhone 3GS, GSM iPhone 4, and third- and fourth-generation iPod touch. It also works with iOS 4.2.6 through 4.2.8 for the CDMA iPhone 4.
The official site tells visitors they can jailbreak their iOS device to experience the software "fully customizable, themeable, and with every tweak you could possibly imagine." Jailbreaking is the term used to describe hacking iOS to allow users to install custom software and tweaks not approved by Apple.
The site also refers to jailbreaking as "safe and completely reversible," as users can restore their iPhone or iPad to the original, unaltered iOS software by restoring with iTunes. But jailbreaking is also a warranty-voiding process that Apple has warned users carries security risks. In 2009, a worm spread only on jailbroken iPhones that had enabled SSH for file transfer and did not change the default password.
Last July, the U.S. government affirmed that the process of jailbreaking is considered legal, though Apple is under no obligation to support users who have issues with hacked software.
The new "jailbreakme" site also asks users: "Please don't use this for piracy." While software can be legally downloaded or even sold through the jailbreak-only "Cydia" store, jailbreaking can also be used to pirate software that is sold on Apple's App Store.
This week's new jailbreak method is the second time hackers have exploited a PDF-related security hole in the Mobile Safari browser. The previous hack, issued last August, relied on a corrupt font to crash Safari's Compact Font Format handler.
Ironically, hackers who exploited the PDF security hole in iOS last year also delivered their own security fix to address the very same issue on jailbroken devices. The patch aimed to ensure that dishonest hackers would not be able to utilize the exploit for malicious purposes.
The hack can be accomplished by visiting the website jailbreakme.com on an iPhone, iPad or iPod touch. It is compatible with all of Apple's current iOS-powered mobile devices, including the iPad 2 and iPhone 4.
The hack was developed by "comex," Grant "chpwn" Paul and Jay "saurik" Freeman, and is compatible with iOS 4.3 through 4.3.3 on all iPads, the iPhone 3GS, GSM iPhone 4, and third- and fourth-generation iPod touch. It also works with iOS 4.2.6 through 4.2.8 for the CDMA iPhone 4.
The official site tells visitors they can jailbreak their iOS device to experience the software "fully customizable, themeable, and with every tweak you could possibly imagine." Jailbreaking is the term used to describe hacking iOS to allow users to install custom software and tweaks not approved by Apple.
The site also refers to jailbreaking as "safe and completely reversible," as users can restore their iPhone or iPad to the original, unaltered iOS software by restoring with iTunes. But jailbreaking is also a warranty-voiding process that Apple has warned users carries security risks. In 2009, a worm spread only on jailbroken iPhones that had enabled SSH for file transfer and did not change the default password.
Last July, the U.S. government affirmed that the process of jailbreaking is considered legal, though Apple is under no obligation to support users who have issues with hacked software.
The new "jailbreakme" site also asks users: "Please don't use this for piracy." While software can be legally downloaded or even sold through the jailbreak-only "Cydia" store, jailbreaking can also be used to pirate software that is sold on Apple's App Store.
This week's new jailbreak method is the second time hackers have exploited a PDF-related security hole in the Mobile Safari browser. The previous hack, issued last August, relied on a corrupt font to crash Safari's Compact Font Format handler.
Ironically, hackers who exploited the PDF security hole in iOS last year also delivered their own security fix to address the very same issue on jailbroken devices. The patch aimed to ensure that dishonest hackers would not be able to utilize the exploit for malicious purposes.
Comments
Whenever I feel down I just think about these guys who REALLY don't have lives, and feel so much better.
Indeed. The reaction to this news on most sites I've seen this morning is either a yawn, or a "why would anyone jailbreak anymore?"
If jailbreaking isn't already on the wane, the rise of WebApps next year and the year after will put the last nail in the coffin. It will actually be better because it will go back to being something that a techie does for laughs instead of a mock business run by 17 year old asshats.
The new "jailbreakme" site also asks users: "Please don't use this for piracy."
Oh, Ok.... since you said "please".
Now I still jailbreak on my iPhone 4, but only for MyWi and DataDeposit.
I'm glad that they were able to make a jailbreak for the iPad 2, but I see real little reason to jailbreak my iPad 2... and with iOS 5 coming, I REALLY won't need to jailbreak it all.
The curse of Adobe strikes again!
I have no problem with what anyone wants to do to their expensive toy, but I am don't think it wise to give control of it to anyone else. I'm also glad Apple does not have to support it, driving the prices even higher.
Wouldn't it be funny if someone jailbroke their phone and suddenly received a text from Apple, "Thank you for buying Apple, however since you have left our safe ecosystem, we have to protect our members and have isolated your handset from further interaction with our systems. While you lose our half a million apps, you do have the Cydia hacked marketplace to choose from. Regards - Apple"
It's becoming harder and harder to find a reason to jailbreak anymore (for me at least). It used to be that I had a ton of jailbreak applications that I would use because Apple hadn't bothered to implement the features yet. But Apple has slowly begun to add features that I previously found only on Cydia.
Now I still jailbreak on my iPhone 4, but only for MyWi and DataDeposit.
I'm glad that they were able to make a jailbreak for the iPad 2, but I see real little reason to jailbreak my iPad 2... and with iOS 5 coming, I REALLY won't need to jailbreak it all.
For me, there's one feature from the JB community apple has utterly ignored, and its essential, SBSettings. As someone who frequently doesn't have Wifi access (at work, on the light rail, etc) and who uses a number of Bluetooth accessories with both devices, navigating the settings page to turn those things on and off is a hassle.
Who verifies that the hacks are safe? How do you know that the hack itself while giving you all this new capability, also is not downloading your keystrokes, contacts, passwords or sending text messages to some random person in a foreign country?
I have no problem with what anyone wants to do to their expensive toy, but I am don't think it wise to give control of it to anyone else. I'm also glad Apple does not have to support it, driving the prices even higher.
Wouldn't it be funny if someone jailbroke their phone and suddenly received a text from Apple, "Thank you for buying Apple, however since you have left our safe ecosystem, we have to protect our members and have isolated your handset from further interaction with our systems. While you lose our half a million apps, you do have the Cydia hacked marketplace to choose from. Regards - Apple"
Somehow the mac manages to survive without being locked to Apple's app store, I'm not sure why there should be a distinction for iPads.
Somehow the mac manages to survive without being locked to Apple's app store, I'm not sure why there should be a distinction for iPads.
Now there's the Mac App store. Glad to see a place where verified software is available.
Somehow the mac manages to survive without being locked to Apple's app store, I'm not sure why there should be a distinction for iPads.
Because if your mac dies due to software problems you can reinstall it from optical disk or USB key drive. If you brick your iPad you have no such option.
Jailbreaking is the term used to describe hacking iOS to allow users to install custom software and tweaks not approved by Apple.
Who does AI think is reading this? Does anybody not know what Jailbreaking is? Honestly, it's not like any REAL mainstream news outlets pick up the AI article and republish it for their readers. It's cute though, how AI tries to make their rumormongering appear to be like real journalism.
Because if your mac dies due to software problems you can reinstall it from optical disk or USB key drive. If you brick your iPad you have no such option.
Isn't it pretty much impossible to brick an iOS device? Stick it in Recovery Mode and restore.
Isn't it pretty much impossible to brick an iOS device? Stick it in Recovery Mode and restore.
First rule of making devices reliable, don't depend on the recover system
Who does AI think is reading this? Does anybody not know what Jailbreaking is? Honestly, it's not like any REAL mainstream news outlets pick up the AI article and republish it for their readers. It's cute though, how AI tries to make their rumormongering appear to be like real journalism.
This kind of inclusion is exactly the thing that separates the real journalists from the blogs.
You are arguing that they shouldn't bother but at the same time kind of implying that they are "just a blog." The more bloggers actually adhere to the rules of writing and journalism the better IMO. Why criticise them for being thorough and professional?
I still think that most people who jailbreak are huge liars. I think that most do it because they're cheap and even spending .99 cents on a great game or app is too much for these cheapskates, so they choose to pirate instead. There might be a few exceptions to this, but I do think that piracy is the main reason that people jailbreak.
I still think that most people who make sweeping assumptions about jailbreakers are speaking about things they know nothing about. My involvement in jailbreaking ios devices goes back to late 2007 when the first jailbreak was released. I DO know a lot of people who have chosen to jailbreak their devices. While some people do it just to pirate apps, many just want tweaks and apps that are not approvable by app store. Why are you so quick to assume it is only because they are cheap? I think if you bothered to investigate you would find much evidence to the contrary. Cydia (the 3rd party store) has many apps that cost money. There are developers making money on the cydia store, many I know personally. So to rephrase your premise, people jailbreak because they are too cheap to buy $.99 apps on the app store, but are willing to buy from a 3rd party store that involves more cumbersome payment methods to get apps costing typically from $1-$10. Yeah real solid logic there, Apple ][
People who are appalled at jailbreakers are the same people who 3 months ago said that iPhone notifications were fine and that adding any information on the lock screen would make the iPhone into a horrible mess that only geeks (read: closet android fans) would want. People jailbreak because they want the features that jailbreaking provides.
Agreed.
Agreed.
I second it