Slashdot Mirror
Apple IOS 4.3.4 Jailbroken Hours After Update
Stoobalou writes "The cat and mouse game between Apple and the jailbreaking community continues unabated as an updated version of PwnageTool hits the web just hours after apple updated its iOS mobile operating system to lock out the JailbreakMe PDF-based exploit."
Thanks to your desire to run any software you wish, you're finding security holes for Apple, free of charge.
Keep up the good work.
No, this isn't a new jailbreak. It's an existing exploit which uses the same hardware exploit found by Geohot MONTHS ago. The exploit install software is now configured for the new iOS version is all. This is why it's a TETHERED exploit, as the untethered exploit add-on no longer works in 4.3.4.
Is anyone technical even working at Slashdot anymore?
This jailbreak requires you to have your phone connected to your computer at every reboot in order to root it, and root is lost if phone is rebooted without connecting to the computer.
The PDF font handling vulnerability gave you perma-root (unthethered) and could also be used as a drive-by exploit.
In short, misleading title is misleading.
Finally had enough. Come see us over at https://soylentnews.org/
Here's a fixed title for you: Slashdot user fails at basic reading comprehension. It is NOT a drive-by-download exploit. The drive-by-download PDF vulnerability existed in 4.3.3 but was rapidly patched with the release of 4.3.4, and it has yet to be reopened as a viable exploit. Instead, what these hackers/developers/<your spin here> have managed to do is update their tethered means of jailbreaking to work with 4.3.4, but it currently requires being tethered to your computer with each and every reboot, otherwise you lose root. It's about as far from a drive-by-download as you can imagine and is not currently susceptible to malicious attacks unless you compromise physical access to your device. Now, pardon me while I tout how secure my Apple product is.