Slashdot Mirror

← Back to Stories (view on slashdot.org)

iPhone Jailbreak Uses a PDF Display Vulnerability

Posted by kdawson on from the get-out-of-jail-free dept.

adeelarshad82 writes "Latest reports indicate that the website that 'jailbreaks' iPhones, iPads, and iPod Touches does so by means of a PDF-based vulnerability in OS X. PDF parsing and rendering is a core feature of OS X, and there have been several other vulnerabilities in the past in iOS CoreGraphics PDF components." As Gruber points out, the proper term for this is not "jailbreak," but "remote code exploit in the wild."

4 of 289 comments (clear)

  1. Re:The new jailbreak is amazing by roman_mir · · Score: 5, Insightful

    Yes, excellent job. Now you just ran an app on your hand held computer that rooted it from a browser. Amazing work of the hackers aside, are you certain you now know for sure your phone is not spying on you and is not going to be used for something you do not want, like someone else using your connection for long distance calls or for spam or DDOS attacks or just a part of some cellular botnet?

    Amazing job - someone rooting your phone through a PDF.

    --
    You can't handle the truth.
  2. Re:The new jailbreak is amazing by Anonymous Coward · · Score: 5, Insightful

    Pardon my language, but, what the fuck?

    If my web browser is such that browsing to a page can lead to code execution as root, that's bad. I don't care if the system is open or closed or what government agency might be listening in, it is a serious vulnerability any way you slice it. It should be patched.

    Your comment is entirely irrelevant to the post it is replying to. You're phrasing it as a rebuttal of some kind, but it does not say anything to this point.

  3. Re:It's a feature... by zuperduperman · · Score: 5, Insightful

    I looked at the web page for my local newspaper today and it featured two headlines right above one another:

    1. iPhone4 Jailbreak Offers Apps to Millions
    2. Microsoft Windows Flaw Leaves Millions Vulnerable to Hackers and Malware

    I guess we always knew that mass media lives well inside the reality distortion field, but still ...

  4. Re:Does not compute... by crossword.bob · · Score: 5, Insightful

    Genuine question, no sarcasm tag required: How do those who berate Apple's walled-garden approach feel about games consoles? It genuinely puzzles me why we don't hear nearly so many complaints about the lack of open access to consoles, while a similar (to my mind; feel free to put me right) approach to a phone is evil.

    As for the exploit that makes this jailbreaking possible, I sympathize with people who wish to jailbreak their phone, but I hope this particular exploit is closed as soon as possible. I've heard there are some unscrupulous types in tha intarweb who might consider using such a thing for less than altruistic purposes.

    OK, maybe a touch of sarcasm after all.