Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's War Against Jailbreaking Now Makes Perfect Sense

Posted by timothy on from the sacrifice-the-phone-to-save-your-world dept.

An anonymous reader writes "Apple has always been extremely anti jailbreaking, but it might now have a good reason to plug up the exploits. As Hardware 2.0 argues, Apple's new iOS 7 Activation Lock anti-theft mechanism which renders stolen handsets useless (even after wiping) unless the owner's Apple ID is entered relies on having a secure, locked-down OS. Are the days of jailbreaking iOS coming to a close?" I can see a whole new variety of phone-based ransom-ware based on this capability, too.

55 of 321 comments (clear)

  1. Phone-based ransom-ware? by Sockatume · · Score: 4, Insightful

    timothy, you're going to have to explain how the implimentation of this feature by Apple in any way changes a developer's ability to create ransomware with similar functionality. 'Cause the way I see it, to be able to hijack the Authentication Lock, you're probably going to have to have sufficiently low-level access to just impliment your own lock.

    --
    No kidding!!! What do you say at this point?
    1. Re:Phone-based ransom-ware? by Joce640k · · Score: 5, Insightful

      The phone's CPU could have a special PIN number that comes on a scratch card in the box when you buy it.

      If your phone gets stolen you call your operator and read them the PIN. They send out a "kill" signal and the phone commits suicide.

      This is impossible for hackers to fake - they can never know the PIN.

      --
      No sig today...
    2. Re:Phone-based ransom-ware? by Anonymous Coward · · Score: 5, Interesting

      In our business we have had several thousand 4's stolen over the last 2 years. We have 0 recourse to recover them. Apple admits they see them popping up all over the world under other names but can't recall or stop them from being used.

      Bricking them or recovering them was a request of many businesses and officers of the law. Dry up the demand and you will slow down the theft.

    3. Re:Phone-based ransom-ware? by Plumpaquatsch · · Score: 4, Insightful

      The phone's CPU could have a special PIN number that comes on a scratch card in the box when you buy it.

      If your phone gets stolen you call your operator and read them the PIN. They send out a "kill" signal and the phone commits suicide.

      This is impossible for hackers to fake - they can never know the PIN.

      Yeah, they can only send millions of kill messages with random PINs out. No harm done.

      --
      Of course news about a fake are Fake News.
    4. Re:Phone-based ransom-ware? by Anonymous Coward · · Score: 5, Funny

      This PIN number thingamajiggy you speak of, is it to enter into the LCD display of an ATM machine? Good thing those are engineered using CAD design, but even better they're not programmed using BASIC code and don't run on a DOS operating system anymore, and now have gobs of RAM memory!

    5. Re:Phone-based ransom-ware? by F.Ultra · · Score: 2

      Doesn't mean that we have to like it.

    6. Re:Phone-based ransom-ware? by omnichad · · Score: 5, Insightful

      Whose device again? Money changed hands.

    7. Re:Phone-based ransom-ware? by PopeRatzo · · Score: 2, Insightful

      It's their OS and their device, aren't hey entitled to it?

      It's their device until I buy it.

      I guess owning something doesn't mean being able to use it the way you want.

      Apple doesn't give a good goddamn about stolen phones. That's not why they're implementing this new lockdown. In fact, they probably like stolen phones because that means they can sell new ones to the original suckers. This is about making sure that not one thing happens with that device where Apple doesn't get a little ka-ching! somewhere along the line.

      Apple has taken cell phones and tablets and turned them into slot machines. And Apple is the "house".

      --
      You are welcome on my lawn.
    8. Re:Phone-based ransom-ware? by Moryath · · Score: 2, Insightful

      Apple admits they see them popping up all over the world under other names but WON'T recall or stop them from being used.

      FTFY.

      Apple are lazy-ass sons of bitches as are the cell companies complicit in this shit. They "admit they see them popping up all over the world" but they WON'T:

      - Flag the account of the new user as using a stolen phone.
      - Deactivate that user's account / internet access until they come in to complain and then point out that the phone is stolen.

      Not "Can't." WON'T. Big fucking difference there.

    9. Re:Phone-based ransom-ware? by geminidomino · · Score: 2

      Nah, he was right the first time.

    10. Re:Phone-based ransom-ware? by Sockatume · · Score: 2, Insightful

      You think a rogue carrier that doesn't obey the IMEI blacklist is going to obey a request from Apple to cancel someone's service plan?

      --
      No kidding!!! What do you say at this point?
    11. Re:Phone-based ransom-ware? by minstrelmike · · Score: 2

      This is impossible for hackers to fake - they can never know the PIN.

      You probably believe God created the heavens and the earth in six days, too.

      The pirate quote that three men can keep a secret if two of them are dead is only close to the truth. How may folks have asked if you yourself can keep a secret as they get ready to tell you one of their own? I always say I can't yet they tell me their secret anyway.

      We have a secret code, a secret algorithm, an unbreakable cipher. Like kids in a tree house with a sign saying No Grrrlz Allowed.

    12. Re:Phone-based ransom-ware? by HappyPsycho · · Score: 3, Insightful

      The apple accounts can be disabled. That still falls well within their control.

    13. Re:Phone-based ransom-ware? by Anonymous Coward · · Score: 2, Insightful

      Apple admits they see them popping up all over the world under other names but can't recall or stop them from being used.

      And that's so much bullshit right there. If they can identify when the stolen phones shows up on the network, then they can identify a phone as stolen when someone shows up to activate it, and simply NOT activate it. They simply choose NOT to do so, because it hurts their secondary ownership market and makes people unwilling to take the chance that the phone they see on eBay is legit.
      And they can do it all regardless of how jailbroken the phone is, because it's not dependent on the phone's software.
      Which means their statements are bullshit.

    14. Re:Phone-based ransom-ware? by TheRaven64 · · Score: 2

      If the pin is 10 digits then "they" are wasting their time

      Assuming that they are generated by a strong random number generator. Of course, there are no recent examples of random number generators having a lot less entropy than was believed (or required for the application). Well, except for that whole chip-and-pin thing. And the Debian OpenSSL packages. And...

      --
      I am TheRaven on Soylent News
    15. Re:Phone-based ransom-ware? by jedidiah · · Score: 2

      > How is apple preventing you from buying an android device?

      They sue Android vendors and try to ban Android devices from the market.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    16. Re:Phone-based ransom-ware? by ArsonSmith · · Score: 2

      But they do have a VIN that, if it shows up somewhere the car is impounded and possibly returned to the proper owner or insurance carrier at some point.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    17. Re:Phone-based ransom-ware? by TheRaven64 · · Score: 4, Interesting

      Ah, starting with an ad hominem, good job.

      No, your plan isn't completely unworkable, but unless you are completely confident in your random number generator (possible, but hard), you have the potential for a really expensive recall when someone works it out. With 10 digits, you have about 33 bits of entropy. That's not a trivial search space, but it may be possible to brute force if it's something you can do over the local network. If you can do 1000/second, it will probably take about 1-2 months. 10,000/second, and you can do it in a week. Pretty obvious network traffic though. If, however, your random number generator is a lot less random than you think, then in this kind of thing you may end up with only 16 bits of entropy (random number generator errors in the past have resulted in a lot less than half the expected entropy). In that case, at 1000/second you could probably brute force it in about half a minute, and definitely do it in slightly over a minute.

      And that's assuming the only flaw is in the random number generator. A more common error in implementing this kind of system would be a timing error in checking the code. If the time taken to process the key is related to the number of digits that you got right, then you can easily target a phone to disable, even with a strong random number generator.

      Sure, it's possible to do it right. It's just a lot easier to do it wrong. There's only one way of doing it right and there are hundreds of ways of doing it wrong...

      --
      I am TheRaven on Soylent News
    18. Re:Phone-based ransom-ware? by Belial6 · · Score: 3, Insightful

      Apple isn't the problem here with stolen phones. Law enforcement is. Our phones locations are tracked. We all know this. No one is denying that our phones are tracked. The police literally get a map with the bad guys location marked on it, and a constant stream of evidence to prove that the bad guy is guilty of a crime.

    19. Re:Phone-based ransom-ware? by Shadowmist · · Score: 3, Insightful

      It's their OS and their device, aren't hey entitled to it?

      It's their device until I buy it.

      I guess owning something doesn't mean being able to use it the way you want.

      Apple doesn't give a good goddamn about stolen phones. That's not why they're implementing this new lockdown. In fact, they probably like stolen phones because that means they can sell new ones to the original suckers. This is about making sure that not one thing happens with that device where Apple doesn't get a little ka-ching! somewhere along the line.

      Apple has taken cell phones and tablets and turned them into slot machines. And Apple is the "house".

      You own the physical device. You don't own the software. You don't own the rights to monkey with the software. In a similar vein, Apple is not under any obligation to make life easier for you to monkey with their software. The exploits that make jailbreaking easier make for a less secure phone. And phone security is a good deal of what iPhone users are buying into and is a growing concern the more of their lives people place on this (and other smartphones as well.)

    20. Re: Phone-based ransom-ware? by PopeRatzo · · Score: 2

      Sorta like that house you "bought" except you pay a fee every year to the state to "own" it.

      But at least I can replace the furnace with one from a different manufacturer. If I want to knock down walls, put up walls, even add dormers on the roof, I can do that.

      And that "fee" you pay to the state provides you with a sewage system, water system, road to my door, and police protection. With Apple, it's only juice.

      --
      You are welcome on my lawn.
  2. The problem is... by Darkness404 · · Score: 2, Insightful

    The problem is, as with most anti-theft technology like this, it won't hurt the thieves as much as it will screw-over buyers of used hardware.

    This will not cut down on theft as much as it will simply cripple the trust of the secondary market. After all, you can still steal an iPhone, stick it on Craigslist for cash, sell it to some poor sucker and get leave before he charges up the phone and figures out it was stolen and won't work.

    --
    Taxation is legalized theft, no more, no less.
    1. Re:The problem is... by Anonymous Coward · · Score: 5, Insightful

      Really? You'd buy a "gray-market" iPhone without seeing that it's on, and operational? Are you that retarded, really? I can only assume that you're retarded, since I can't imagine even the most dim-witted average person forking over good money for an iPhone without verifying that the thing is functional.

      What this does is it makes it *mostly pointless* for someone to steal an iPhone, unless (until) someone finds a way to circumvent this activation lock. If it's useless, that scam works a limited number of times, and you're going to have some 'splainin to do to your customers. And you're going to have some angry customers who know who you are and can provide a description to police... "Hey I bought this iPhone advertised on Craigslist, and I have reason to believe it's stolen. I got it from this guy, here's his name and description."

    2. Re:The problem is... by djrosen · · Score: 3, Interesting

      Yeah because no thief has ever put it into another iPhone box and shrink wrapped it and sold it as new before...

    3. Re:The problem is... by bluefoxlucid · · Score: 4, Interesting

      I think that was the point. People will see a pattern of phones sold second-hand not working, and will cease to buy second-hand phones. Legitimate sellers are screwed.

      --
      Support my political activism on Patreon.
    4. Re:The problem is... by Anonymous Coward · · Score: 5, Insightful

      Go to an Apple store, they take it out of the box right there and activate it. Go to an AT&T store, they take it out of the box right there and activate it.

      There's no reason to not say "open the shrinkwrap, plug it in, and let's verify that it's ready for activation, and not a brick."

      If the person you're buying from suddenly gets all nervous and says "I gotta go man, just gimme the money and take the phone, I ain't got time for that," then there's a pretty fucking good warning that you're getting scammed.

      Seriously, you people are fucking dense if you think this will do anything but reduce the number of stolen iPhones.

    5. Re:The problem is... by Joce640k · · Score: 4, Insightful

      Yeah because no thief has ever put it into another iPhone box and shrink wrapped it and sold it as new before...

      If you're buying "new" iPhones from unknown people in gas stations then you deserve what you get IMHO.

      --
      No sig today...
    6. Re:The problem is... by Anonymous Coward · · Score: 5, Interesting

      ...it will simply cripple the trust of the secondary market...

      I think it will just change the protocol for selling on eBay or Craigslist. Sellers will probably learn to post a picture of the phone, turned on, showing the date... and also the serial number or something. If you can get into the settings, then it wouldn't be locked. But really, sending a bricked phone is no different from sending a broken phone or no phone at all, so I think this all falls into the "fraud" dept.

      FWIW, there were five things which immediately went through my head when I saw them announce Activation Lock. In order, they are:.
        - "If iOS7 can be jailbroken, Activation Lock is useless"
        - "There needs to be a simpler way to 'release' a phone from your ownership". (I once went into "Find My iPhone" and was able to see all three iPads I've ever owned and the last three iPhones I've had. It turns out that it takes some deliberate navigating, on the part of the user, to indicate that they no longer own a device. That needs to be simpler.
        - It needs to be *verifiable* by the buyer that a device isn't "owned" by anybody. Otherwise, the device could be locked at any time in the future. (or... there needs to be a way for someone with a locked phone to track down the person with locking rights on a phone so that they can say "Hey... remember that phone you sold back to BestBuy last Spring? They never released you as the owner". Almost like doing a title-search on a piece of property.
        - Apple will probably need some kind of arbitration dept. for the "This dude sold me his phone and won't release his lock rights" or "I can't find the person who has lock rights" issues.
        - If this is something which people have to turn on in the phone before it gets stolen, it's going to be useless. Almost nobody is going to take the time to enable it, which means a small fraction of stolen phones will get activation-locked, which means there will be a small deterrent to theft.

      I eagerly await the rollout of iOS7 to see how Apple deals with these issues.

    7. Re:The problem is... by BitZtream · · Score: 3, Insightful

      Right, its not like they could ... you know ... figure out to turn the fucking thing on and try it first ... thats not something that anyone would ever think of.

      Why are people on slashdot ... who think they are so smart and clever ... so utterly stupid to the fact that people have been ...

      turning on and trying their used iPhones before buying them for years ALREADY?

      Does your dumb ass buy a used car without trying it too?

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  3. "War against jailbreaking?" by Anonymous Coward · · Score: 5, Insightful

    How about "war against security exploits that allow malicious users to gain unrestricted access to your phone?"

    I guess Linux and Microsoft are both engaged in a 'war against jailbreaking' too, when they close fucking security exploits.

    Jesus christ - if you want root on your device, get a device that is built to allow that. Don't bitch that a company closes fucking security holes in its software.

    1. Re:"War against jailbreaking?" by GameboyRMH · · Score: 4, Insightful

      This. When you want an open device but instead buy a jailed device and jailbreak it, you're voting with your dollars to say "YES, more locked-down toys, I LURV DEM SO GOOD!"

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    2. Re:"War against jailbreaking?" by Macman408 · · Score: 2

      Agreed, this. I once talked to an Apple engineer who works on security; this was the whole reason to plug the holes found by jailbreakers. After all, if you can visit a website that gives you root, you could visit a website that gives Sergei in eastern Russia root too. He could steal your saved passwords, or make collect calls, or send spam, or do thousands of other things to earn some quick money once he has control of your device. The jailbreakers just provide Apple with a convenient security testing service for free.

  4. IMEI by ssam · · Score: 5, Insightful

    Whats wrong with IMEI blacklisting.

    1. Re:IMEI by fuzzyfuzzyfungus · · Score: 2

      Whats wrong with IMEI blacklisting.

      Only works across whatever region(s) share blacklists.

    2. Re:IMEI by Bodero · · Score: 5, Insightful

      Whats wrong with IMEI blacklisting.

      Carrier unlocking, and the fact that a locked out iPhone still makes a great iPod Touch.

    3. Re:IMEI by Plumpaquatsch · · Score: 4, Insightful

      Whats wrong with IMEI blacklisting.

      Ask the people who just last month complained that it wasn't enough. Like the NYT, who of course singled out Apple.

      --
      Of course news about a fake are Fake News.
    4. Re:IMEI by Anonymous Coward · · Score: 2, Informative

      1) Only enforced by a few countries in this world

      2) Can be easily bypassed even in those countries

      3) Even in the countries that enforce it, not all phones that are stolen are in fact blocked at all.. They'll lose money if they do...

      I speak from personal experience working in a telecoms company that rhymes with JIM that sold their phones through 2 phone providers in UK that rhyme with Citrus sinensis and Carbon Dioxide respectively, and after checking the devices that customers report as stolen directly to them providers - by personal DB access and even phoning their customer service pretending to buy these phones from eBay and wanting to check their IMEI's - even after a year, can see first hand that they are not only still unblocked but in use by customers within UK with the same mentioned providers and unmodified IMEI numbers.

  5. time to implement by blackraven14250 · · Score: 4, Insightful

    The summary implies they've had this in the works for multiple iterations of iOS and never did it. I find it highly doubtful they were ready to implement this, but didn't for what, 5 consecutive versions of iOS?

  6. Re:No it doesn't. by Joce640k · · Score: 2

    How about an old fashioned fuse inside the chip? Blow the fuse, job done...

    --
    No sig today...
  7. Nobody wants to jailbreak by readingaccount · · Score: 3, Insightful

    But we do want, insist actually, on root access for devices we own. If you can't log in as root, you don't own the device. Just give me the option to turn on root access using my Apple ID. Closing holes that allow for unauthorized privilege elevation is a good thing. Disallowing authorized use of the full functionality of a device is a bad thing.

  8. Jailbreaking = Supporting 'Bad Guys'(tm) by killfixx · · Score: 5, Funny

    Wow...

    Would you steal a stereo? Would you steal a purse? Well, if you jailbreak your iPhone, you may as well!

    Jailbreaking your iPhone prohibits Apple from protecting the safety of your loved ones. Think of the children.

    TERRORISTS!!

    Shenanigans!!

    Anything to convince law-makers that having control over your own devices is evil.

    Bah!

    --
    "Helping to keep you two steps ahead of the Thought Police!"
  9. Secutiry could have been separate module by SplatMan_DK · · Score: 2

    When you control the hardware the way Apple does, there is no problem in separating the lock-feature from the main operating system, similar to what happens with a Trusted Platform Module in a Laptop. In fact, one may argue that relying on the operating system to handle this as part of its regular codebase is hopeless, as it means any jailbroken device can also be "unlocked" again.

    If they actually wanted to make this secure they would have separated it from the main OS.

    Having said that, one can hardly argue against a company working to close known vulnerabilities and security issues within their software, so Apple really should be working hard to close these exploits regardless of the lock-feature.

    - Jesper

    --
    My security clearance is so high I have to kill myself if I remember I have it...
  10. It's always made sense by cyber-vandal · · Score: 5, Informative

    They want to prevent anyone else from starting an app store in competition with theirs.

    1. Re:It's always made sense by chispito · · Score: 3, Interesting

      They want to prevent anyone else from starting an app store in competition with theirs.

      Except that makes it more difficult to explain in condescending terms of how Apple knows what is best for its customers.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
  11. If this were really about theft... by Rich0 · · Score: 4, Interesting

    There is a simple solution to theft - initialize each device with a unique key, and give a copy of that key to the owner. By all means pre-load it with trust for the vendor key as well so that it can auto-update by default, but the master key goes to the user. The key might be a $2 USB drive in a little envelope that says "keep safe and don't open unless you want to modify the OS software - Vendor may not be able to repair devices without this key."

    The average user just sticks the key in a drawer and gets the default experience. A user who wants to unlock the device just downloads their alternate firmware installer of choice and it will ask them to insert their key so that it can reflash the phone. Users could also disable the Vendor's keys if they wish. By all means let users generate their own keys and install those on the device as well (obviously this will require the previous key). In the case of business-owned phones the business would procure the phone and keep the key, and thus they can stay in control of the hardware even if they allow employees to use it.

    Now users can reflash at will, but if somebody steals the phone they will be unable to do so. It would have minimal cost, and since the defaults are all idiot-proof those who don't care about the feature can ignore it and as long as they don't remove the Vendor key the vendor can still do anything they can do today. However, it would establish that the person who paid for the phone is the one who owns it. Since the key is a tangible object, it can be transferred if the owner wishes to do so, and I'd just make it a read-only simple USB drive so that it could be copied if desired as well - just like a car key.

  12. Re:iPhone Tracks Everywhere You've been by Anonymous Coward · · Score: 2, Insightful

    Google signed up to Prism long before apple

    troll harder

    http://arstechnica.com/tech-policy/2013/06/new-leak-feds-can-access-anything-in-your-google-facebook-and-more/

  13. Re:No app monopoly means no jail means no breaking by ChunderDownunder · · Score: 2

    http://www.google.com/nexus/4/

  14. There Is, and Never Has Been, a War by flanaganid · · Score: 2

    Apple's view towards jailbreaking can likely be summed up thus: Anyone is free to do whatever they want with their devices. Just don't expect support for unsupported things if it breaks. Found a security exploit in the OS? Thanks, we'll fix that right up.

  15. That is a Lie by tuppe666 · · Score: 3, Informative

    Apple's view towards jailbreaking can likely be summed up thus: Anyone is free to do whatever they want with their devices. Just don't expect support for unsupported things if it breaks. Found a security exploit in the OS? Thanks, we'll fix that right up.

    Apples view is your a criminal breaking DMCA http://www.copyright.gov/1201/2008/responses/apple-inc-31.pdf

    1. Re:That is a Lie by vux984 · · Score: 2

      No. That's true of trademark, not copyright.

  16. Re:Piracy by west · · Score: 2

    Reminds me of overhearing a salesperson trying to convince a customer to put down the iPhone she was holding and buy an Android phone (I suspect higher commission on the Android).

    "And another advantage is you don't have to pay for any applications unlike the iPhone. It's really easy and everyone does it."

    I wept for Android developers.

  17. not about killswitch, but locking for owner by dutchwhizzman · · Score: 4, Insightful

    This is *not* about permanently disabling or blacklisting a phone. This is about making the phone unusable for the thief, but keeping it technically sound so the rightful owner could still use it if it has been recovered. It'd be trivial to blacklist an IMEI, just as it would be to circumvent the blacklist by reprogramming the baseband controller. It'd be trivial to implement a "self destruct" on the phone that could be triggered remotely, but then you'd have a phone that would need at least one chip replaced before it'd work again. This is about non-destructive locking and it relies on the OS not being rooted. They may find a way to do that on newer hardware, but as I understand it, all current hardware has been "owned" sufficiently for a software-only compromise to be sufficient.

    --
    I was promised a flying car. Where is my flying car?
  18. Re:thanks fanboys by omnichad · · Score: 2

    the fact that everything from the new mac pro to the ipad actively resists attempts to load any other operating system than the one its packaged with

    Not quite. The new Mac Pro still lets you use Bootcamp to install Windows or you can do a direct EFI install of Windows Vista/7/8 without Bootcamp. You just have to copy the files on the DVD to a GPT partitioned USB drive and the Mac will natively boot the installer.

  19. Re:No it doesn't. by Belial6 · · Score: 2

    Or the police could do their job and arrest people who steal phones. They have a constant stream of evidence when the phone is on, and turn by turn directions to the thief's location. The thieves are being handed to them on a silver platter.

  20. Use the EMEI instead by SplatMan_DK · · Score: 5, Interesting

    Actually there is a much simpler way to go about this problem (with theft) which would leave both Apple and the NSA out of the loop.

    Every cellphone is equipped with an EMEI number which works similar to a network MAC address. It is a unique hardware identifier for each phone - on a global scale.

    The EMEI is visible in the settings/control-panel section of any modern phone, and often also printed on either the box the device is supplied in, or a piece of paper inside. And it is used by every carrier on the planet as a part of the calling infrastructure.

    All the carriers would need to do, is to allow a "blacklist" of EMEI numbers, so when your device is stolen you simply report the EMEI to the carrier and they blacklist it. To prevent abuse each device could be supplied with an anti-theft key generated by the initial operator or by the manufacturer (so only the holder of both the EMEI and theft-key can have it blacklisted).

    The technical capability to do this already exists. Some operators have even implemented it in trials. Their reasons for not using it today is the fact that not all operators actually want to bust customers with stolen phones, and this system would be kind of pointless if only half the carriers implement it.

    Enter regulation. The political system could easily pass a law that forces all carriers to implement this kind of EMEI-based anti theft system. It would take little to design, it would work for every phone on the planet regardless of make/model, and it would include only known technology (just a few bits and pieces to extend the existing EMEI database plus a front-office system to operate it).

    Not implementing this is pure laziness (from carriers).

    - Jesper

    --
    My security clearance is so high I have to kill myself if I remember I have it...