Apple's War Against Jailbreaking Now Makes Perfect Sense

← Back to Stories (view on slashdot.org)

Apple's War Against Jailbreaking Now Makes Perfect Sense

Posted by timothy on Tuesday June 11, 2013 @12:44AM from the sacrifice-the-phone-to-save-your-world dept.

An anonymous reader writes "Apple has always been extremely anti jailbreaking, but it might now have a good reason to plug up the exploits. As Hardware 2.0 argues, Apple's new iOS 7 Activation Lock anti-theft mechanism which renders stolen handsets useless (even after wiping) unless the owner's Apple ID is entered relies on having a secure, locked-down OS. Are the days of jailbreaking iOS coming to a close?" I can see a whole new variety of phone-based ransom-ware based on this capability, too.

29 of 321 comments (clear)

Min score:

Reason:

Sort:

Phone-based ransom-ware? by Sockatume · 2013-06-11 00:46 · Score: 4, Insightful

timothy, you're going to have to explain how the implimentation of this feature by Apple in any way changes a developer's ability to create ransomware with similar functionality. 'Cause the way I see it, to be able to hijack the Authentication Lock, you're probably going to have to have sufficiently low-level access to just impliment your own lock.

--
No kidding!!! What do you say at this point?
1. Re:Phone-based ransom-ware? by Joce640k · 2013-06-11 01:03 · Score: 5, Insightful
  
  The phone's CPU could have a special PIN number that comes on a scratch card in the box when you buy it.
  If your phone gets stolen you call your operator and read them the PIN. They send out a "kill" signal and the phone commits suicide.
  This is impossible for hackers to fake - they can never know the PIN.
  
  --
  No sig today...
2. Re:Phone-based ransom-ware? by Plumpaquatsch · 2013-06-11 01:18 · Score: 4, Insightful
  
  The phone's CPU could have a special PIN number that comes on a scratch card in the box when you buy it.
  If your phone gets stolen you call your operator and read them the PIN. They send out a "kill" signal and the phone commits suicide.
  This is impossible for hackers to fake - they can never know the PIN.
  Yeah, they can only send millions of kill messages with random PINs out. No harm done.
  
  --
  Of course news about a fake are Fake News.
3. Re:Phone-based ransom-ware? by Anonymous Coward · 2013-06-11 01:27 · Score: 1, Insightful
  
  It's their OS and their device, aren't hey entitled to it?
4. Re:Phone-based ransom-ware? by Joce640k · 2013-06-11 01:40 · Score: 1, Insightful
  
  a) Who's "they"?
  b) If the pin is 10 digits then "they" are wasting their time.
  
  --
  No sig today...
5. Re:Phone-based ransom-ware? by omnichad · 2013-06-11 01:50 · Score: 5, Insightful
  
  Whose device again? Money changed hands.
6. Re:Phone-based ransom-ware? by PopeRatzo · 2013-06-11 02:02 · Score: 2, Insightful
  
  It's their OS and their device, aren't hey entitled to it?
  It's their device until I buy it.
  I guess owning something doesn't mean being able to use it the way you want.
  Apple doesn't give a good goddamn about stolen phones. That's not why they're implementing this new lockdown. In fact, they probably like stolen phones because that means they can sell new ones to the original suckers. This is about making sure that not one thing happens with that device where Apple doesn't get a little ka-ching! somewhere along the line.
  Apple has taken cell phones and tablets and turned them into slot machines. And Apple is the "house".
  
  --
  You are welcome on my lawn.
7. Re:Phone-based ransom-ware? by Moryath · 2013-06-11 02:11 · Score: 2, Insightful
  
  Apple admits they see them popping up all over the world under other names but WON'T recall or stop them from being used.
  FTFY.
  Apple are lazy-ass sons of bitches as are the cell companies complicit in this shit. They "admit they see them popping up all over the world" but they WON'T:
  - Flag the account of the new user as using a stolen phone.
  - Deactivate that user's account / internet access until they come in to complain and then point out that the phone is stolen.
  Not "Can't." WON'T. Big fucking difference there.
8. Re:Phone-based ransom-ware? by Sockatume · 2013-06-11 02:21 · Score: 2, Insightful
  
  You think a rogue carrier that doesn't obey the IMEI blacklist is going to obey a request from Apple to cancel someone's service plan?
  
  --
  No kidding!!! What do you say at this point?
9. Re:Phone-based ransom-ware? by HappyPsycho · 2013-06-11 03:05 · Score: 3, Insightful
  
  The apple accounts can be disabled. That still falls well within their control.
10. Re:Phone-based ransom-ware? by Anonymous Coward · 2013-06-11 03:30 · Score: 2, Insightful
  
  Apple admits they see them popping up all over the world under other names but can't recall or stop them from being used.
  
  And that's so much bullshit right there. If they can identify when the stolen phones shows up on the network, then they can identify a phone as stolen when someone shows up to activate it, and simply NOT activate it. They simply choose NOT to do so, because it hurts their secondary ownership market and makes people unwilling to take the chance that the phone they see on eBay is legit.
  And they can do it all regardless of how jailbroken the phone is, because it's not dependent on the phone's software.
  Which means their statements are bullshit.
11. Re:Phone-based ransom-ware? by Belial6 · 2013-06-11 05:10 · Score: 3, Insightful
  
  Apple isn't the problem here with stolen phones. Law enforcement is. Our phones locations are tracked. We all know this. No one is denying that our phones are tracked. The police literally get a map with the bad guys location marked on it, and a constant stream of evidence to prove that the bad guy is guilty of a crime.
12. Re:Phone-based ransom-ware? by Shadowmist · 2013-06-11 05:30 · Score: 3, Insightful
  
  It's their OS and their device, aren't hey entitled to it?
  It's their device until I buy it.
  I guess owning something doesn't mean being able to use it the way you want.
  Apple doesn't give a good goddamn about stolen phones. That's not why they're implementing this new lockdown. In fact, they probably like stolen phones because that means they can sell new ones to the original suckers. This is about making sure that not one thing happens with that device where Apple doesn't get a little ka-ching! somewhere along the line.
  Apple has taken cell phones and tablets and turned them into slot machines. And Apple is the "house".
  You own the physical device. You don't own the software. You don't own the rights to monkey with the software. In a similar vein, Apple is not under any obligation to make life easier for you to monkey with their software. The exploits that make jailbreaking easier make for a less secure phone. And phone security is a good deal of what iPhone users are buying into and is a growing concern the more of their lives people place on this (and other smartphones as well.)
The problem is... by Darkness404 · 2013-06-11 00:49 · Score: 2, Insightful

The problem is, as with most anti-theft technology like this, it won't hurt the thieves as much as it will screw-over buyers of used hardware.

This will not cut down on theft as much as it will simply cripple the trust of the secondary market. After all, you can still steal an iPhone, stick it on Craigslist for cash, sell it to some poor sucker and get leave before he charges up the phone and figures out it was stolen and won't work.

--
Taxation is legalized theft, no more, no less.
1. Re:The problem is... by Anonymous Coward · 2013-06-11 00:56 · Score: 5, Insightful
  
  Really? You'd buy a "gray-market" iPhone without seeing that it's on, and operational? Are you that retarded, really? I can only assume that you're retarded, since I can't imagine even the most dim-witted average person forking over good money for an iPhone without verifying that the thing is functional.
  What this does is it makes it *mostly pointless* for someone to steal an iPhone, unless (until) someone finds a way to circumvent this activation lock. If it's useless, that scam works a limited number of times, and you're going to have some 'splainin to do to your customers. And you're going to have some angry customers who know who you are and can provide a description to police... "Hey I bought this iPhone advertised on Craigslist, and I have reason to believe it's stolen. I got it from this guy, here's his name and description."
2. Re:The problem is... by Anonymous Coward · 2013-06-11 01:13 · Score: 5, Insightful
  
  Go to an Apple store, they take it out of the box right there and activate it. Go to an AT&T store, they take it out of the box right there and activate it.
  There's no reason to not say "open the shrinkwrap, plug it in, and let's verify that it's ready for activation, and not a brick."
  If the person you're buying from suddenly gets all nervous and says "I gotta go man, just gimme the money and take the phone, I ain't got time for that," then there's a pretty fucking good warning that you're getting scammed.
  Seriously, you people are fucking dense if you think this will do anything but reduce the number of stolen iPhones.
3. Re:The problem is... by Joce640k · 2013-06-11 01:17 · Score: 4, Insightful
  
  Yeah because no thief has ever put it into another iPhone box and shrink wrapped it and sold it as new before...
  If you're buying "new" iPhones from unknown people in gas stations then you deserve what you get IMHO.
  
  --
  No sig today...
4. Re:The problem is... by BitZtream · 2013-06-11 01:54 · Score: 3, Insightful
  
  Right, its not like they could ... you know ... figure out to turn the fucking thing on and try it first ... thats not something that anyone would ever think of.
  Why are people on slashdot ... who think they are so smart and clever ... so utterly stupid to the fact that people have been ...
  turning on and trying their used iPhones before buying them for years ALREADY?
  Does your dumb ass buy a used car without trying it too?
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
"War against jailbreaking?" by Anonymous Coward · 2013-06-11 00:50 · Score: 5, Insightful

How about "war against security exploits that allow malicious users to gain unrestricted access to your phone?"
I guess Linux and Microsoft are both engaged in a 'war against jailbreaking' too, when they close fucking security exploits.
Jesus christ - if you want root on your device, get a device that is built to allow that. Don't bitch that a company closes fucking security holes in its software.
1. Re:"War against jailbreaking?" by GameboyRMH · 2013-06-11 02:22 · Score: 4, Insightful
  
  This. When you want an open device but instead buy a jailed device and jailbreak it, you're voting with your dollars to say "YES, more locked-down toys, I LURV DEM SO GOOD!"
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
IMEI by ssam · 2013-06-11 00:56 · Score: 5, Insightful

Whats wrong with IMEI blacklisting.
1. Re:IMEI by Bodero · 2013-06-11 01:00 · Score: 5, Insightful
  
  Whats wrong with IMEI blacklisting.
  
  Carrier unlocking, and the fact that a locked out iPhone still makes a great iPod Touch.
2. Re:IMEI by Plumpaquatsch · 2013-06-11 01:07 · Score: 4, Insightful
  
  Whats wrong with IMEI blacklisting.
  Ask the people who just last month complained that it wasn't enough. Like the NYT, who of course singled out Apple.
  
  --
  Of course news about a fake are Fake News.
time to implement by blackraven14250 · 2013-06-11 00:56 · Score: 4, Insightful

The summary implies they've had this in the works for multiple iterations of iOS and never did it. I find it highly doubtful they were ready to implement this, but didn't for what, 5 consecutive versions of iOS?
Nobody wants to jailbreak by readingaccount · 2013-06-11 00:57 · Score: 3, Insightful

But we do want, insist actually, on root access for devices we own. If you can't log in as root, you don't own the device. Just give me the option to turn on root access using my Apple ID. Closing holes that allow for unauthorized privilege elevation is a good thing. Disallowing authorized use of the full functionality of a device is a bad thing.
Boycott Apple by tuppe666 · 2013-06-11 01:08 · Score: 1, Insightful

Jesus christ - if you want root on your device, get a device that is built to allow that. Don't bitch that a company closes fucking security holes in its software.
I agree it is time to boycott apple for their anti-consumer practices than excusing their behaviour.
Re:iPhone Tracks Everywhere You've been by Anonymous Coward · 2013-06-11 01:14 · Score: 2, Insightful

Google signed up to Prism long before apple
troll harder
http://arstechnica.com/tech-policy/2013/06/new-leak-feds-can-access-anything-in-your-google-facebook-and-more/
not about killswitch, but locking for owner by dutchwhizzman · 2013-06-11 02:03 · Score: 4, Insightful

This is *not* about permanently disabling or blacklisting a phone. This is about making the phone unusable for the thief, but keeping it technically sound so the rightful owner could still use it if it has been recovered. It'd be trivial to blacklist an IMEI, just as it would be to circumvent the blacklist by reprogramming the baseband controller. It'd be trivial to implement a "self destruct" on the phone that could be triggered remotely, but then you'd have a phone that would need at least one chip replaced before it'd work again. This is about non-destructive locking and it relies on the OS not being rooted. They may find a way to do that on newer hardware, but as I understand it, all current hardware has been "owned" sufficiently for a software-only compromise to be sufficient.

--
I was promised a flying car. Where is my flying car?
Re:iPhone Tracks Everywhere You've been by lxs · 2013-06-11 02:18 · Score: 1, Insightful

Thank you. I see now that Apple is in the clear because of the "but he did it first" rule. That rule didn't work way back when I played in the sandbox but apparently it does work on the internet.