True. GIF, PNG, JPEG, and many other binary file formats have been used to deliver malicious payloads. Negligent error-checking in the software that reads such formats does not mean that the formats themselves are inherently insecure.
Those were generally buffer overruns and also generally limited to a few platforms - PDF includes javascript and so it's far more intrinsically insecure. They were not issues intrinsic to the file format, they were issues with PHP and the like that could be exploited with the file format - there is a difference. The JPG case was in fact a traditional exe virus that used JPGs to distribute payload.
Quote:
Moreover, if it was the case that this ISO-standard format is somehow inherently insecure, what would it say about Apple's judgment that they've made PDF such an integral part of the iOS and OS X experience?
There's a distinction between display-PDF which is intrinsic to the OS and regular PDF which is not. I've not heard of any security issues with display PDF, any more than I've heard of significant security problems with Postscript.
Blaming Adobe for the vulnerability of Reader App on iOS is like blaming W3C for a vulnerability on Safari Browser
If the security problems are endemic to all the readers then it's fair to blame the standard. In this case it wouldn't be W3C because they never took responsibility for Javascript. Javascript is an abomination born from Netscape & Microsoft, with a side order of Sun, it's introduced security problems ever since it was created.
Adobe's inclusion of JS in PDF was completely unnecessary, so in this context I blame them.
If the security problems are endemic to all the readers then it's fair to blame the standard. In this case it wouldn't be W3C because they never took responsibility for Javascript. Javascript is an abomination born from Netscape & Microsoft, with a side order of Sun, it's introduced security problems ever since it was created.
Adobe's inclusion of JS in PDF was completely unnecessary, so in this context I blame them.
Apple decided to make their own reader for PDF and make it system wide. They are the ones responsible for maintaining security. PDF is just a document no different than a Word document which Apple's Pages can also read to some extent. Acrobat files can contain all kinds of data just like Word files can contain Active X. The programmer of the reader software decides which types of data to read and which to ignore. If you decide to read a certain type of data within the file then you assume the responsibility of maintaining the security of that part of the interaction with the document. In this case Apple accepted the data, read it and interacted with it. When they update the OS they will fix that oversight.
Apple decided to make their own reader for PDF and make it system wide. They are the ones responsible for maintaining security.
Oh there's no doubt that it's Apple's problem, the point is that it's courtesy of Adobe.
Quote:
Acrobat files can contain all kinds of data just like Word files can contain Active X.
We're not talking about attachments here that can be exported to other programs that have security issues. We're not even talking about substreams that link to other applications over some sort of object model - we're talking about an intrinsic part of the file format. Completely different deal.
Quote:
If you decide to read a certain type of data within the file then you assume the responsibility of maintaining the security of that part of the interaction with the document.
This is intrinsic to the data format, you can't leave it out and still claim to be a conformant PDF reader.
This is intrinsic to the data format, you can't leave it out and still claim to be a conformant PDF reader.
Of course you can. An Acrobat file can contain stickies, movies, Flash, links, even web conference connections, forms, etc. Apple does not read anything except the layout. None of the advanced features are included in their reader. Yet they included enough to get themselves into trouble. Just like last time it is probably a font exploitation since fonts are linked to the core system services.
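The disagreement above comes down to which parts of a PDF a reader chooses to process. As an added example (not code from anyone in this thread), the Python sketch below counts the name keys in a file that mark scripting, auto-run actions or embedded font programs. The function names and the sample bytes are constructed for illustration, and names hidden inside compressed object streams are reported rather than decoded.

```python
import re

# PDF name keys that mean the file carries more than page layout.
ACTIVE_KEYS = ("JS", "JavaScript", "OpenAction", "AA", "Launch", "EmbeddedFile")
# Embedded font programs: a renderer parses these even if it ignores scripting.
FONT_KEYS = ("FontFile", "FontFile2", "FontFile3")

# A name is "/" followed by any bytes that are not PDF whitespace or delimiters.
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so that /J#61vaScript is read as /JavaScript."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def triage(pdf: bytes) -> dict:
    """Count risky name keys in the uncompressed part of a PDF."""
    active, fonts = {}, {}
    escaped = object_streams = 0
    for match in _NAME.finditer(pdf):
        raw = match.group(1)
        name = decode_name(raw)
        if name == "ObjStm":
            # Objects packed in compressed streams are invisible to this scan.
            object_streams += 1
        elif name in ACTIVE_KEYS or name in FONT_KEYS:
            bucket = active if name in ACTIVE_KEYS else fonts
            bucket[name] = bucket.get(name, 0) + 1
            if _HEX.search(raw):
                escaped += 1  # a key spelled with escapes is itself suspicious
    return {"active": active, "fonts": fonts, "escaped_names": escaped,
            "object_streams": object_streams,
            "layout_only": not (active or fonts or object_streams)}


# Constructed sample, not a complete or real document.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 5 0 R >> endobj\n"
    b"4 0 obj << /Type /FontDescriptor /FontName /Demo /FontFile3 6 0 R >> endobj\n"
    b"5 0 obj << /S /J#61vaScript /JS (placeholder) >> endobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A nonzero `fonts` count with an empty `active` count is the case argued in the post above: a reader that skips scripting still has to parse the embedded font program.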
Does not work on my 4.33 3GS, will not even try on my iPad. I just wanted to see if it actually works. Did any of the sites promoting/discussing this even bother to try it and test their claims...
Worked on my iPad 2 WiFi 16GB. Tried it last night. Virtually instantaneous jailbreak. Since the iPad 2 has display mirroring already, all I did was change the lockscreen and system fonts (using the free Bytafont app on Cydia). It's like an OS upgrade, having my favourite non-Apple-supplied fonts back on my iPad 2, I liked those fonts on my jailbroken iPad 1.
Small suggestion, just check the official Dev Team blog for possible solutions to why it didn't work on your 3GS.
Not all paid apps go through Jay Freeman. Some accept PayPal. Had you known anything about jailbreaking and the Cydia store you'd know that. Not using the Cydia storefront doesn't mean that only 5% pay for Cydia apps.
Personally, I am loath to give my credit card info to a site with more relaxed internal controls than Apple. Look at the Sony attacks for starters. I am also a little nervous about the security risks of jailbreaking.
That said, I travel enough internationally that an unlocked phone is a must. Buying unlocked but still paying the same rates for a subsidized device is almost as criminal as the roaming rates the telcos charge.
Jay Freeman uses Amazon for payments, others use PayPal, and Jay issues refunds on a regular basis for shitty apps and devs that provide bad support even though he doesn't write the apps. I've had two refunds (7$ and 2$) for apps made by one developer that lied about support and then released a broken update after those apps were out for about a year. You aren't giving your credit card info to anyone that can steal it, it goes through Amazon or PayPal. You have a problem it's covered through them and Jay is extremely nice and responds to problems very quickly.
As for security problems of jailbreaking, there aren't any. OpenSSH isn't installed by default, that hasn't happened for a very long time, and if you choose to install it (just like anything you install on any computer or device) the package has a popup that warns you sternly to change the SSH password ASAP. 10 second google search will tell you exactly how and SSH is as secure as its password. Amazingly Apple hasn't changed the default SSH password since the beginning.
The attacks that were so stupidly overblown about people hacking into iPhones and changing the background were so devoid of actual facts it was infuriating. For one it only occurred on iPhones that the end users chose to install OpenSSH and ignore the many, many warnings about changing the password. No more severe than not setting a strong password on anything else. Secondly the way it was done cannot happen here in the US. The attacks were through the data address their carriers assigned to that phone on its data plan. They just hit a huge range of those data IPs to see what came up. US carriers don't allow anyone to SSH through that data IP so it was never a threat here. The past few jailbreaks have fixed the very hole they exploited immediately, meaning that a jailbroken phone is more secure than a non-jailbroken phone.
All this fear mongering about security issues on jailbroken iOS devices and not once has anything happened. Not once. Besides, every member of the Dev Team, Chronic Dev Team, @comex, @chpwn and so on are well known in that community, real names and all, that to do something that would steal info and so on would be really stupid anyway. When someone says there are security issues with jailbroken iOS devices I always ask them for a specific example that jailbreaking has stolen their info/something of value and then ask how many apps that have been removed from the official App Store have done the same. The usual answer is something completely false, them trying to bullshit their way through the question, or a blatant 'I don't know of any but that's what people say.' There is no less security with a jailbroken iOS device than there is without it. A lot of the time it's more secure.
Whenever I feel down I just think about these guys who REALLY don't have lives, and feel so much better.
How do they not have lives? This is some extremely hard work that takes someone that has a very good understanding of computer science and lots of specialized skill. This isn't the only work that comex has done, he works on a wide range of systems. Very well known security expert Charlie Miller has commended this as being very well done and extremely impressive, noting the huge amount of skill and very good knowledge it takes to do this. I'd say that you have neither a life nor the intelligence to see exactly what's been done here, not just a jailbreak of iOS but someone out there is very skilled at this and asks for absolutely nothing in return. Unlike 'hackers' like the ones in LulzSec and Anonymous, these guys aren't doing it for money, fame, or revenge. They are doing it because they love the devices they own and want others to use them to their full potential. I for one really appreciate this effort because it allows me to unlock a phone I paid full price for, that alone is reason enough to give them an attaboy.
Does not work on my 4.33 3GS, will not even try on my iPad. I just wanted to see if it actually works. Did any of the sites promoting/discussing this even bother to try it and test their claims...
Any problems you might have could be very simple to fix. It appears that you didn't actually try because there are over 1 million people that have had success so I seriously doubt you 'just tried it out to see if it was possible.' It IS possible, you just didn't actually try because it's actually quite easy to do. The easiest jailbreak ever done in fact.
Comments
If the security problems are endemic to all the readers then it's fair to blame the standard. In this case it wouldn't be W3C because they never took responsibility for Javascript. Javascript is an abomination born from Netscape & Microsoft, with a side order of Sun, it's introduced security problems ever since it was created.
Adobe's inclusion of JS in PDF was completely unnecessary, so in this context I blame them.
http://www.adobe.com/support/security/#readerwin
Compare that to how many security problems Postscript suffered.
(there are millions of users of Cydia, but only ~5% of them make purchases from the storefront).
http://www.macnotes.net/2010/03/30/c...k-jay-freeman/
Not all paid apps go through Jay Freeman. Some accept PayPal. Had you known anything about jailbreaking and the Cydia store you'd know that. Not using the Cydia storefront doesn't mean that only 5% pay for Cydia apps.