Slashdot Mirror

← Back to Stories (view on slashdot.org)

iPhone Jailbreak Uses a PDF Display Vulnerability

Posted by kdawson on from the get-out-of-jail-free dept.

adeelarshad82 writes "Latest reports indicate that the website that 'jailbreaks' iPhones, iPads, and iPod Touches does so by means of a PDF-based vulnerability in OS X. PDF parsing and rendering is a core feature of OS X, and there have been several other vulnerabilities in the past in iOS CoreGraphics PDF components." As Gruber points out, the proper term for this is not "jailbreak," but "remote code exploit in the wild."

8 of 289 comments (clear)

  1. Does not compute... by chaboud · · Score: 4, Funny

    Didn't you know that Apple is more secure?

    As soon as I saw "computer-free jailbreak, straight from your browser" I thought "oh man.. here we go."

    1. Re:Does not compute... by magsol · · Score: 5, Funny

      "It just works!...even though it's not actually supposed to!"

      --
      "I'd just like to emphasise that taking a million years isn't a metaphor here..." -Rich Bradshaw
  2. Say it with me... by warrax_666 · · Score: 5, Funny

    It stands for PeDoFile.

    --
    HAND.
  3. LOL by Spazntwich · · Score: 5, Funny

    "Just don't render it that way." - Adobe

  4. Re:Jailbreak WARNING!!! by Anonymous Coward · · Score: 5, Funny

    BREAKING NEWS!

    Your attention please. We have a very important announcement to make. Listen carefully, because what we have to say MAY SAVE YOUR LIFE!

    Today's top story: Hacks can have unintended consequences.

    That is all.

  5. Re:This is really tiresome by plover · · Score: 4, Funny

    I saw a brilliant slide at Blackhat last week that sums it up perfectly (same vendor, different product)

    Native Security Functionality of Adobe Flash

    [ This slide intentionally left blank ]

    --
    John
  6. Re:PDF by Anonymous Coward · · Score: 4, Funny

    P. D. F = P0wn Da Fone?

  7. Re:PDF by ae1294 · · Score: 5, Funny

    The joke is that this so-called "document format" is going way outside its original scope and now supports so much scripting that it might as well be a library for executable files.

    I'm going to start sending out all my resumes in dll format... I think it's safer that way...