This is great, let all of the cheapskates who jailbreak their phones so that they can steal software burn!
Clearly you don't understand the real reason many people choose to jailbreak.
I love OSX, not just because it's a stable operating system with a great interface, but because of what most people don't care about - I live and breathe in Unix and love having a great OS environment that also gives me the full power of the Unix shell. The iPhone runs OSX but Apple prevents us from gaining access to its shell. A jailbroken iPhone gives that access.
I have no interest in stealing software, but do see the appeal of scripting cool stuff on my phone.
It is pain to see such post about jailbreaking. Yes it is security risk if you install SSH and don't change the root password, similar to one of jumping out of airplane without parachute. Does this mean airplanes should be banned as too much of security risk ? You and Apple would say so.
Why is it a pain. The only avenue of attack in not SSH. That is the current avenue being exploited actively. The fact you bypass application signing and allow other processes which bypass the sandboxing of applications opens many more opportunities then a SSH based attack. I could care less if you or anyone else jail breaks their Iphone, but bypassing the security environment increases your security risk. Security is a constant cat and mouse game and no one on the jailbreak side is worrying about your phone's security, your on your own which is fine for some folks. Many folks had their phones jailbroken to enable a baseband unlock to use their phone on a different network. Lots of these don't even know what SSH is or how to change a root password but they installed SSH as part of the process. Apple has every right to protect their image. If you follow the blogs reporting this info. It is always the Iphone is a security hazard and then in the small print is this note that it only affects the folks who bypass the security architecture via jailbreak.
It's up to jailbreakers to know what they're getting into and it's up to Apple to make sure there are fewer reasons to want to jail break. I wouldn't call them "idiots" but non-techies should have no real reasons for wanting to do this.
While having a locked down phone sucks, phones have sensitive information, which I'd rather not share with anyone. Especially with an iPhone, the hacker would have access to your iTunes account, credit card information - not to mention details on your friends and family.
Clearly you don't understand the real reason many people choose to jailbreak.
I love OSX, not just because it's a stable operating system with a great interface, but because of what most people don't care about - I live and breathe in Unix and love having a great OS environment that also gives me the full power of the Unix shell. The iPhone runs OSX but Apple prevents us from gaining access to its shell. A jailbroken iPhone gives that access.
I have no interest in stealing software, but do see the appeal of scripting cool stuff on my phone.
What kinda stuff can you script on your phone? I'd consider jailbreaking as an 'experiment' of sorts once I upgrade.
There is a certain amount of darwinism in being the idiot that doesn't change their password, but the average idiot shouldn't be using SSH anyway, let alone using a version of it that leaves the password open and relies on them reading some complicated instructions to alleviate the danger.
The average computer user is not an idiot. It is possible that the average Mac user does not fit this profile, but personally, I doubt it.
If an idiot does stuff with the innards of his computer which he does not understand, he is likely to have all sorts of problems. But this is not a good reason to lock down devices intended for average folks. It is telling that the iPhone is locked down. It appears that it is a device intended for idiots, rather than average computer users. Appearances can be deceiving, however.
Here's a clue: If you don't know what the heck you are doing, don't take chances screwing around with basic low level stuff on your computer. Buy a Mac, and leave all the (few) settings at the default value. Only install software from Fortune 500 companies, and even then, prepare for confusion.
Here's another clue: If you don't now anything about cars, don't go under the hood and try to replace stock parts with high-performance parts. If you don't know anything about photography, buy a point-and-shoot camera and leave it on the "automatic" setting. If you don't know anything about boats, stay close to shore. You get the point...
Jail breaking or Tampering with any product to modify it into what you the consumer wants of it is on the surface perfectly reasonable. That is one must be aware of the possible ramifications of your actions regardless of the source of the consequences. Ignorance is not a suitable defense. Most manufactures state very clearly this or that action is a 'No No" even if you may not understand why. You as the consumer have one avenue which allows you to have your will prevail. Bye a product from another vendor that does allow you to have what you want. But to stand there and complain because you cannot have your way or to gripe/grumble when things go wrong because of what you chose to do. IN short "GROW UP "
I would like to suggest to Apple they offer to UN-Jail break a unit for a healthy sum.
It's not the fault of idiots however, when they are handed poor tools that they don't understand how to use by other idiots.
The fault here, and a large part of the blame, should be on those who promote jail-breaking IMO.
It's true that the "word on the street" on blogs/forums etc has been that jailbreaking is an easy harmless process. There are warnings here and there, like on the dev-team website that urge those jailbreakers to learn a bit about what they are doing before they do it, but they are not prominent enough.
I guess the bottom line is that even if everyone says its easy and harmless, you should probably do your own research before getting yourself into trouble.
Edit:
Quote:
Originally Posted by htoelle
I would like to suggest to Apple they offer to UN-Jail break a unit for a healthy sum.
I like it- add insult to injury by charging the customer for something they could do themselves in about 5 minutes on their home computer.
Why doesn't Apple let you do many of the things jailbroken phones can do? Like change your wallpaper for instance...
Quote:
Originally Posted by iGenius
Are you "on your own" if you install third-party software (like, for example, PhotoShop) on a Mac? Why is the iPhone different? Why is it locked down, when the Mac has no such limitation?
Folks need to realize something very important. Apple doesn't look at the iPhone as a computer. It's not a Mac. Apple views it as an appliance. Like your DVD player, or a even like a PSP. It's not meant to be a general computing platform in the sense of your Mac or Windows PC. People can make DVDs to play in your DVD player, but they have to have the proper licenses and follow a certain format (even the DVDs you burn at home have these licenses via the software you are using). If you want to make a game for a PSP, you have to follow Sony's rules. Even though you can buy DVDs and PSP games at many different stores, they all have to follow the rules set by the licensing owners for the platform.
The difference is that Apple is also limiting distibution through just one outlet, iTunes, and is exercising control over the content, not just the format. Not saying that's right or wrong, but I think that's Apple's perspective. Most people don't try to change the screen saver on their DVD player, or the graphics on the UI of their TiVo. They just accept it as "that's how they designed my appliance."
However, when I see the headline: "Malicious worm attacks, steals data from jailbroken iPhones", it does seem rather disturbing.
That is exactly the problem, this is sensationalism at its best, causing a disturbance where none is needed.
See the headline, does it contain truth to it? Sorta. Kinda. Not really. It only applies to a subset of jailbroken phones whose users were negligent.
Imagine you just bought a new Mac, and when you boot it up it instantly logs in and shows you the Desktop. Has that ever happened to you? No, because all new Macs run you through a setup where you get to set the "root password".
I'm not sure how the jailbreaking software is written these days, but if they're not doing it already they should simply run a basic utility that asks the users to set a root password when they install the jailbreak. With that, the problem is solved for even the dumbest of users.
Another metaphor: imagine you've bought a new house and you were never given a key to it, the doors are simply unlocked 100% of the time, and every thief on the block knows it. Same situation. Would you be surprised if someone broke in?
These worms are nothing special nor surprising, once you've changed the default password, the security of a jailbroken phone is just as good as a non-jailbroken one, with the exception that if a vulnerability is found for *everyone*, then when apple releases a fix you'll have to wait longer than most to get it.
It is pain to see such post about jailbreaking. Yes it is security risk if you install SSH and don't change the root password, similar to one of jumping out of airplane without parachute. Does this mean airplanes should be banned as too much of security risk ? You and Apple would say so.
That's a rediculous analogy and would only be appropriate if someone were banning iPhones. The aeroplane equivalent would be that people should not be opening the doors at 30,000 feet and admiring the view.
Jailbreaking is fun, I've hacked my ATV to run Boxee (but it's awful so I got rid of it) but I digress. The problem really is with amateur night 'hackers' following instructions they got from google and who don't really know what they're doing. Sure, hack your phone, but STFU when it bricks... it's quite an expensive mistake to make.
The difference is that Apple is also limiting distibution through just one outlet, iTunes, and is exercising control over the content, not just the format. Not saying that's right or wrong, but I think that's Apple's perspective. Most people don't try to change the screen saver on their DVD player, or the graphics on the UI of their TiVo. They just accept it as "that's how they designed my appliance."
Actually I spray painted camo on my DVD player and my comcast DVR UI has the Timesquare color theme! jk
but seriously, I could see Apple someday releasing an update that lets you theme the UI with different icons, colors, wallpapers, and even animation between screens. It's probably at the bottom of their todo list since it's not vital functionality, but it's definitely something everyone would enjoy a lot.
The worm only affects jailbroken phones that have SSH (secure shell) installed, without the default password -- "alpine" -- changed.
They totally deserve it. You can't just blame the people who help create and promote ways to jailbreak a phone. If you, as the end user, don't know enough to know what you're doing, stick with what you got.\
People who jailbreak software does not automatically install SSH on the phone. You have to install openSSH from Cydia, and anyone who does download something like openSSH needs to understand how it works before they do it.
No, not every person out there downloads SSH. Yes, jailbroken iphones have MUCH more functionality than iphones - remember when you didn't have copy/paste, picture messaging, or phone search? I did. Oh, and I can access my filesystem anytime i want.
They totally deserve it. You can't just blame the people who help create and promote ways to jailbreak a phone. If you, as the end user, don't know enough to know what you're doing, stick with what you got.\
Quote:
Originally Posted by saarek
This is great, let all of the cheapskates who jailbreak their phones so that they can steal software burn!
Quote:
Originally Posted by jglavin
Serves them right for not changing their root password. That's just opening a can of worms right there.
Regardless if you are pro or against jailbreaking, wishing harm like this or justifying the harm done to them isn't exactly a kind way to go.
Its like saying "That guy that drove past me is using diesel in his unleaded engine. I hope he gets into a crash." True, his car will end up being damaged from the wrong fuel, but to wish someone harm doesn't make you look good.
Now, for those jail breakers who STEAL (which isn't all of them) programs, I am fine with people hoping they get caught and justice brought. Like the guy on the freeway who speeds past you, you hope there's an officer around so they can get a ticket. But still, I wouldn't want harm done to them. In this case, I would hope that those who have not changed the root password don't have any crazy expenses on their next bank statements!
It's like giving loaded handguns to children to play with but telling them not to point it at their friends and thinking you've done your job.
No, it's like handing an adult a Windows XP box without antivirus and telling them to get a decent antivirus and avoid going to porn sites. Do they listen about the antivirus? No. Do they go to porn sites anyway? Yep. Crash and burn.
People who have iPhones aren't presumably children, for the most part. Your logic that people don't/didn't know what they are doing is nonsense. They chose not to read the whole instruction manual.
If they knew enough to find the jailbreak applications and read the forums and such on how to do it, is it too much to ask of them to fully read the instructions and warnings?
Comments
This is great, let all of the cheapskates who jailbreak their phones so that they can steal software burn!
Clearly you don't understand the real reason many people choose to jailbreak.
I love OSX, not just because it's a stable operating system with a great interface, but because of what most people don't care about - I live and breathe in Unix and love having a great OS environment that also gives me the full power of the Unix shell. The iPhone runs OSX but Apple prevents us from gaining access to its shell. A jailbroken iPhone gives that access.
I have no interest in stealing software, but do see the appeal of scripting cool stuff on my phone.
It is pain to see such post about jailbreaking. Yes it is security risk if you install SSH and don't change the root password, similar to one of jumping out of airplane without parachute. Does this mean airplanes should be banned as too much of security risk ? You and Apple would say so.
Why is it a pain. The only avenue of attack in not SSH. That is the current avenue being exploited actively. The fact you bypass application signing and allow other processes which bypass the sandboxing of applications opens many more opportunities then a SSH based attack. I could care less if you or anyone else jail breaks their Iphone, but bypassing the security environment increases your security risk. Security is a constant cat and mouse game and no one on the jailbreak side is worrying about your phone's security, your on your own which is fine for some folks. Many folks had their phones jailbroken to enable a baseband unlock to use their phone on a different network. Lots of these don't even know what SSH is or how to change a root password but they installed SSH as part of the process. Apple has every right to protect their image. If you follow the blogs reporting this info. It is always the Iphone is a security hazard and then in the small print is this note that it only affects the folks who bypass the security architecture via jailbreak.
While having a locked down phone sucks, phones have sensitive information, which I'd rather not share with anyone. Especially with an iPhone, the hacker would have access to your iTunes account, credit card information - not to mention details on your friends and family.
Clearly you don't understand the real reason many people choose to jailbreak.
I love OSX, not just because it's a stable operating system with a great interface, but because of what most people don't care about - I live and breathe in Unix and love having a great OS environment that also gives me the full power of the Unix shell. The iPhone runs OSX but Apple prevents us from gaining access to its shell. A jailbroken iPhone gives that access.
I have no interest in stealing software, but do see the appeal of scripting cool stuff on my phone.
What kinda stuff can you script on your phone? I'd consider jailbreaking as an 'experiment' of sorts once I upgrade.
There is a certain amount of darwinism in being the idiot that doesn't change their password, but the average idiot shouldn't be using SSH anyway, let alone using a version of it that leaves the password open and relies on them reading some complicated instructions to alleviate the danger.
The average computer user is not an idiot. It is possible that the average Mac user does not fit this profile, but personally, I doubt it.
If an idiot does stuff with the innards of his computer which he does not understand, he is likely to have all sorts of problems. But this is not a good reason to lock down devices intended for average folks. It is telling that the iPhone is locked down. It appears that it is a device intended for idiots, rather than average computer users. Appearances can be deceiving, however.
Here's a clue: If you don't know what the heck you are doing, don't take chances screwing around with basic low level stuff on your computer. Buy a Mac, and leave all the (few) settings at the default value. Only install software from Fortune 500 companies, and even then, prepare for confusion.
Here's another clue: If you don't now anything about cars, don't go under the hood and try to replace stock parts with high-performance parts. If you don't know anything about photography, buy a point-and-shoot camera and leave it on the "automatic" setting. If you don't know anything about boats, stay close to shore. You get the point...
hehe...
hehe...
hehe...
Have you, like, lost it, buddy? Hello? Anybody home?
Have you, like, lost it, buddy? Hello? Anybody home?
wuh? wussup?
I would like to suggest to Apple they offer to UN-Jail break a unit for a healthy sum.
HT
It's not the fault of idiots however, when they are handed poor tools that they don't understand how to use by other idiots.
The fault here, and a large part of the blame, should be on those who promote jail-breaking IMO.
It's true that the "word on the street" on blogs/forums etc has been that jailbreaking is an easy harmless process. There are warnings here and there, like on the dev-team website that urge those jailbreakers to learn a bit about what they are doing before they do it, but they are not prominent enough.
I guess the bottom line is that even if everyone says its easy and harmless, you should probably do your own research before getting yourself into trouble.
Edit:
I would like to suggest to Apple they offer to UN-Jail break a unit for a healthy sum.
I like it- add insult to injury by charging the customer for something they could do themselves in about 5 minutes on their home computer.
Why doesn't Apple let you do many of the things jailbroken phones can do? Like change your wallpaper for instance...
Are you "on your own" if you install third-party software (like, for example, PhotoShop) on a Mac? Why is the iPhone different? Why is it locked down, when the Mac has no such limitation?
Folks need to realize something very important. Apple doesn't look at the iPhone as a computer. It's not a Mac. Apple views it as an appliance. Like your DVD player, or a even like a PSP. It's not meant to be a general computing platform in the sense of your Mac or Windows PC. People can make DVDs to play in your DVD player, but they have to have the proper licenses and follow a certain format (even the DVDs you burn at home have these licenses via the software you are using). If you want to make a game for a PSP, you have to follow Sony's rules. Even though you can buy DVDs and PSP games at many different stores, they all have to follow the rules set by the licensing owners for the platform.
The difference is that Apple is also limiting distibution through just one outlet, iTunes, and is exercising control over the content, not just the format. Not saying that's right or wrong, but I think that's Apple's perspective. Most people don't try to change the screen saver on their DVD player, or the graphics on the UI of their TiVo. They just accept it as "that's how they designed my appliance."
However, when I see the headline: "Malicious worm attacks, steals data from jailbroken iPhones", it does seem rather disturbing.
That is exactly the problem, this is sensationalism at its best, causing a disturbance where none is needed.
See the headline, does it contain truth to it? Sorta. Kinda. Not really. It only applies to a subset of jailbroken phones whose users were negligent.
Imagine you just bought a new Mac, and when you boot it up it instantly logs in and shows you the Desktop. Has that ever happened to you? No, because all new Macs run you through a setup where you get to set the "root password".
I'm not sure how the jailbreaking software is written these days, but if they're not doing it already they should simply run a basic utility that asks the users to set a root password when they install the jailbreak. With that, the problem is solved for even the dumbest of users.
Another metaphor: imagine you've bought a new house and you were never given a key to it, the doors are simply unlocked 100% of the time, and every thief on the block knows it. Same situation. Would you be surprised if someone broke in?
These worms are nothing special nor surprising, once you've changed the default password, the security of a jailbroken phone is just as good as a non-jailbroken one, with the exception that if a vulnerability is found for *everyone*, then when apple releases a fix you'll have to wait longer than most to get it.
It is pain to see such post about jailbreaking. Yes it is security risk if you install SSH and don't change the root password, similar to one of jumping out of airplane without parachute. Does this mean airplanes should be banned as too much of security risk ? You and Apple would say so.
That's a rediculous analogy and would only be appropriate if someone were banning iPhones. The aeroplane equivalent would be that people should not be opening the doors at 30,000 feet and admiring the view.
Jailbreaking is fun, I've hacked my ATV to run Boxee (but it's awful so I got rid of it) but I digress. The problem really is with amateur night 'hackers' following instructions they got from google and who don't really know what they're doing. Sure, hack your phone, but STFU when it bricks... it's quite an expensive mistake to make.
The difference is that Apple is also limiting distibution through just one outlet, iTunes, and is exercising control over the content, not just the format. Not saying that's right or wrong, but I think that's Apple's perspective. Most people don't try to change the screen saver on their DVD player, or the graphics on the UI of their TiVo. They just accept it as "that's how they designed my appliance."
Actually I spray painted camo on my DVD player and my comcast DVR UI has the Timesquare color theme!
but seriously, I could see Apple someday releasing an update that lets you theme the UI with different icons, colors, wallpapers, and even animation between screens. It's probably at the bottom of their todo list since it's not vital functionality, but it's definitely something everyone would enjoy a lot.
The worm only affects jailbroken phones that have SSH (secure shell) installed, without the default password -- "alpine" -- changed.
They totally deserve it. You can't just blame the people who help create and promote ways to jailbreak a phone. If you, as the end user, don't know enough to know what you're doing, stick with what you got.
People who jailbreak software does not automatically install SSH on the phone. You have to install openSSH from Cydia, and anyone who does download something like openSSH needs to understand how it works before they do it.
No, not every person out there downloads SSH. Yes, jailbroken iphones have MUCH more functionality than iphones - remember when you didn't have copy/paste, picture messaging, or phone search? I did. Oh, and I can access my filesystem anytime i want.
They totally deserve it. You can't just blame the people who help create and promote ways to jailbreak a phone. If you, as the end user, don't know enough to know what you're doing, stick with what you got.
This is great, let all of the cheapskates who jailbreak their phones so that they can steal software burn!
Serves them right for not changing their root password. That's just opening a can of worms right there.
Regardless if you are pro or against jailbreaking, wishing harm like this or justifying the harm done to them isn't exactly a kind way to go.
Its like saying "That guy that drove past me is using diesel in his unleaded engine. I hope he gets into a crash." True, his car will end up being damaged from the wrong fuel, but to wish someone harm doesn't make you look good.
Now, for those jail breakers who STEAL (which isn't all of them) programs, I am fine with people hoping they get caught and justice brought. Like the guy on the freeway who speeds past you, you hope there's an officer around so they can get a ticket. But still, I wouldn't want harm done to them. In this case, I would hope that those who have not changed the root password don't have any crazy expenses on their next bank statements!
It's like giving loaded handguns to children to play with but telling them not to point it at their friends and thinking you've done your job.
No, it's like handing an adult a Windows XP box without antivirus and telling them to get a decent antivirus and avoid going to porn sites. Do they listen about the antivirus? No. Do they go to porn sites anyway? Yep. Crash and burn.
People who have iPhones aren't presumably children, for the most part. Your logic that people don't/didn't know what they are doing is nonsense. They chose not to read the whole instruction manual.
If they knew enough to find the jailbreak applications and read the forums and such on how to do it, is it too much to ask of them to fully read the instructions and warnings?