Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices

← Back to Stories (view on slashdot.org)

Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices

Posted by timothy on Sunday December 22, 2013 @06:23AM from the taketh-and-giveth-away dept.

hypnosec writes "Evad3rs, the famous iOS jailbreak team, has announced an iOS 7 jailbreak that will work in all iDevices including iPhone 5S, iPhone 5C and iPad Air running iOS 7.0 through to iOS 7.0.4. The iOS 7 jailbreak was announced without much of a hype, unlike the one for iOS 6. 'Merry Christmas! The iOS 7 jailbreak has been released at http://evasi0n.com/! All donations will go to @publicknowledge, @eff and @ffii,' tweeted evad3rs." Reader FrogBlastTheVentCore adds a note of caution: "They recommend restoring your device to iOS 7.0.4 if it has received OTA updates before attempting to jailbreak."

73 of 110 comments (clear)

Min score:

Reason:

Sort:

iOS 7.1 by ZorinLynx · 2013-12-22 06:26 · Score: 1

iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.
You'd think they could have waited just a little bit more!
1. Re:iOS 7.1 by TrekkieGod · 2013-12-22 06:33 · Score: 2
  
  iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.
  You'd think they could have waited just a little bit more!
  They may have downloaded the beta, realized the exploit had been patched, and released the jailbreak as a result, before a bunch of people update to 7.1 without thinking.
  Pure speculation on my part, but the point is that we should wait to see if they say something about it before complaining that they were impatient. There may have been good reasons.
  
  --
  Warning: Opinions known to be heavily biased.
2. Re:iOS 7.1 by Servaas · 2013-12-22 06:34 · Score: 2
  
  Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.
3. Re:iOS 7.1 by noh8rz10 · 2013-12-22 06:35 · Score: 1
  
  If they did that then apple would patch it in 7.1.1! My question is, is this tethered or untethered?
4. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-22 07:03 · Score: 4, Insightful
  
  Because the things you can do in user land are far more interesting to a lot of people that it is worth the trade offs in terms of stability, usability and security. Being able to customize the shit out of springboard, the keyboard, etc are really nice and fun but the charm of the OS isnt that I feel nice and fuzzy being in idiot mode, it's that I really don't feel the need to hack at it.
  Don't get me wrong, I would love to customize the shit out of ios and run non App Store apps but I generally don't feel I need it to make the thing a nice place to live.
  
  --
  Non impediti ratione cogitationus.
5. Re:iOS 7.1 by Cinder6 · 2013-12-22 07:17 · Score: 4, Insightful
  
  Honestly, as an iOS user, I don't really see the need. I have jailbroken in the past and just didn't see much that was worth the effort or the inevitable wait for official updates. For those that do want/need/"need" root, then this is a good option (or just buy an Android device).
  There are a few cool apps/tweaks on Cydia, but userland iOS also has tons of cool apps. For the vast majority of iOS users, jailbreaking isn't necessary.
  
  --
  If you can't convince them, convict them.
6. Re: iOS 7.1 by appleguru · 2013-12-22 07:25 · Score: 1
  
  Could be a test? They're using LLVM obfuscator, presumably to make their exploits harder for apple to reverse engineer.
  Maybe they want to see if apple can figure it out and patch it in time for 7.1?
  
  --
  appleguru.org
7. Re: iOS 7.1 by monkeyhybrid · 2013-12-22 08:19 · Score: 1
  
  Best they triple patch it, just to be sure.
8. Re:iOS 7.1 by ZorinLynx · 2013-12-22 09:33 · Score: 1, Interesting
  
  I used to think this way, and avoided buying iOS devices for a while because of this thinking.
  Then I realized, iOS devices are more like appliances and less like "computers". They're meant to do a specific task well. They're not meant to be general purpose computing systems.
  If I need a real computer, that's what my laptop is for. It's FAR more capable hardware-wise than my phone or iPad. The phone and iPad are both good at what they do, and incredibly stable and reliable. Both times I've jailbroken them, I never really ended up doing much with the jailbreak other than running console emulators, which work better on the laptop anyway.
9. Re: iOS 7.1 by phantomfive · 2013-12-22 10:14 · Score: 1, Interesting
  
  it is worth the trade offs in terms of stability, usability and security.
  This is, quite frankly, a false tradeoff. You can get the same stability, usability and security in several ways (like not running as root by default, like requiring extra steps to become root as with Android, etc), WITHOUT taking freedom away from users who would want it.
  
  Remember, everyone has freedom of speech until they want to say something that is forbidden, but those times are when speech protections are most important.
  
  --
  "First they came for the slanderers and i said nothing."
10. Re:iOS 7.1 by Fnord666 · 2013-12-22 10:21 · Score: 1
  
  Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.
  I don't have a device to try it on, but the included readme.txt says
  
  SUPPORTED FIRMWARES:
  - iOS 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.1beta1, 7.1beta2
  
  --
  'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
11. Re:iOS 7.1 by PNutts · 2013-12-22 11:37 · Score: 1
  
  The goal has never to been to JB the most current release. Pick one or the other.
12. Re: iOS 7.1 by phantomfive · 2013-12-22 11:46 · Score: 1
  
  SO was I. What did you understand?
  
  --
  "First they came for the slanderers and i said nothing."
13. Re: iOS 7.1 by PNutts · 2013-12-22 12:08 · Score: 1
  
  I understood that some of the things you said have nothing to do with iOS. But do continue your mysterious rant.
14. Re: iOS 7.1 by phantomfive · 2013-12-22 12:21 · Score: 1
  
  You're wrong, please improve your skill at reading comprehension.
  
  --
  "First they came for the slanderers and i said nothing."
15. Re:iOS 7.1 by plover · 2013-12-22 13:11 · Score: 1
  
  The need is relative, of course. I have many Cydia apps that I refuse to give up, including several that are bought-and-paid-for. They include an outgoing firewall, tethering, various music and media controls, photos added to my contact list, PrivaCy, and many specific gestures to control things such as wi-fi and Bluetooth, all of which are banned by Apple.
  Even more of a factor is that I have no burning need to rush to iOS7. Most apps that require iOS7 simply don't offer anything compelling to me. I'm not all about the social media, so I don't have many of the popular apps like facebook or twitter installed. Honestly, if Windows phone supported the one important iOS database app I use, I'd consider jumping ship entirely (assuming Windows phones can be tweaked and or hacked to do the same things, something I haven't needed to research yet.)
  
  --
  John
16. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-22 18:45 · Score: 2
  
  This is, quite frankly, a false tradeoff. You can get the same stability, usability and security in several ways (like not running as root by default, like requiring extra steps to become root as with Android, etc), WITHOUT taking freedom away from users who would want it.
  No, it's not.
  That kind of interaction isn't free. Not as in beer and not as in freedom. You've now got to devote resources to supporting these features, documenting these features and helping users when they fuck up. Granted, yes, you could just leave users out in the cold when everything goes all pear shaped... However, that's kind of psychotic.
  The freedom you want isn't free for the vendor. Not free as in beer and depending on device driver agreements, etc. may not be free as in speech. Granted that's a separate issue all together.
  The "Free as in freedom" crowd had 30 years to bring UI and UX to this stage but no one really cared enough to actually do it. Instead we got everyone disagreeing with each other about KDE or Gnome.
  
  --
  Non impediti ratione cogitationus.
17. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-22 18:54 · Score: 1
  
  that's also not to mention that the kind of user interaction that you'd get by featuring freedom is either more modals(whee, everyone remember UAC in Vista?), or having the entire device run as root or ...
  The UX tradeoff isn't worth it. Have everything place nice in user land or get the fuck off my phone.
  On a tablet or MID, there's less incentive to make things ultra stable, but iOS is still a nice place for most users to live.
  
  --
  Non impediti ratione cogitationus.
18. Re: iOS 7.1 by phantomfive · 2013-12-22 18:55 · Score: 2
  
  It takes more effort for the vendor to attempt to lock these devices down than it would to leave them open.
  
  The "Free as in freedom" crowd had 30 years to bring UI and UX to this stage but no one really cared enough to actually do it. Instead we got everyone disagreeing with each other about KDE or Gnome.
  I see, you just wanted to rant irrelevantly about open source, and thought this was a reasonable place to do it. Be gone, troll.
  
  --
  "First they came for the slanderers and i said nothing."
19. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-22 20:00 · Score: 2
  
  It takes more effort for the vendor to attempt to lock these devices down than it would to leave them open.
  Aside from supporting the functionality, making sure all the APIs work nicely, having customer support in case the whole thing goes wrong...
  
  I see, you just wanted to rant irrelevantly about open source, and thought this was a reasonable place to do it. Be gone, troll.
  No, I *love* open source. Open source isn't the same movement as Free Software movement. The FSF had decades to get this right, but never did. It wasn't even on their radar.
  
  --
  Non impediti ratione cogitationus.
20. Re: iOS 7.1 by phantomfive · 2013-12-22 20:09 · Score: 1
  
  Aside from supporting the functionality, making sure all the APIs work nicely, having customer support in case the whole thing goes wrong...
  You're either drunk, an idiot, or have no idea what is involved in this thing.......seriously, are you even a programmer? Do you know what is involved in programming an OS? Have you even looked at the iPhone/Android APIs? Your ranting seems mainly orthogonal to reality.
  
  --
  "First they came for the slanderers and i said nothing."
21. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-23 03:50 · Score: 1
  
  I am a programmer, but my language of choice lately seems to be PHP. So I'm not banking on my taste or ability as any sort of authority.
  If everything *can* run as root, then what might break? What the hell becomes a massive regression?
  Free software isn't free as in beer when you've got to support it commercially. Have you ever worked with other human beings before? Do you know that people who really don't want to be power users exist and most of them are buying computing devices?
  
  --
  Non impediti ratione cogitationus.
22. Re:iOS 7.1 by jellomizer · 2013-12-23 04:15 · Score: 1
  
  What I really don't get, sense when was donating to a Twitter account, considered a good thing to do?
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
23. Re: iOS 7.1 by phantomfive · 2013-12-23 04:30 · Score: 1
  
  If everything *can* run as root, then what might break? What the hell becomes a massive regression?
  Not everything needs to run as root, nor should it, unless the user specifically wants it to run it as root. Go look at the Android model sometime, you can see that becoming root is not easy, but it is reserved for the user. Your idea of 'support it commercially' is so inapplicable here that it mainly shows you haven't looked deeply into the subject, you are just whining.
  
  --
  "First they came for the slanderers and i said nothing."
24. Re: iOS 7.1 by phantomfive · 2013-12-23 04:59 · Score: 1
  
  What is it about iOS that brings out retards like you? Where are you getting your numbers? Do you really think Android support costs are 900% more than iPhone support costs? Did you think about what you are saying at all?
  
  --
  "First they came for the slanderers and i said nothing."
25. Re: iOS 7.1 by Optali · 2013-12-23 07:07 · Score: 1
  
  You are right.
  Given the use that we generally give to such a device (reading stuff mostly and some games, taking notes, etc) I don't see a great urge to get a Bash terminal running or a developing environment (because it sucks big balls for coding, that's why).
  I jailbroke 6 after getting my iPad3 (from my employer, else I would have continued very happily with my Acer One), I then just re-installed 6 and after updating to 7 I didn't even bother.
  
  --
  -- 29A the number of the Beast
26. Re: iOS 7.1 by RyuuzakiTetsuya · 2013-12-23 09:39 · Score: 1
  
  Uh.
  If you're doing testing, everything that *can* run as root needs to be tested *as* running as if it's root at some point during testing. You're the one questioning my ability as a programmer?
  Further more, the Android security model isn't even close to perfect under the hood, Even if the user is the only user that can go as root, that still doesn't keep apps from doing awful things in the background.
  Also, if your device ships with some feature X, and you don't give any sort of software support for feature X, then you're fucking it up. If feature X is so impossible to support for most users, don't ship it.
  
  --
  Non impediti ratione cogitationus.
27. Re: iOS 7.1 by phantomfive · 2013-12-23 09:52 · Score: 1
  
  You're the one questioning my ability as a programmer?
  Yes, yes I am.
  
  --
  "First they came for the slanderers and i said nothing."
28. Re: iOS 7.1 by phantomfive · 2013-12-24 17:27 · Score: 1
  
  ^What does that have to do with iOS.
  iOS takes away freedom from the user.
  
  --
  "First they came for the slanderers and i said nothing."
29. Re: iOS 7.1 by phantomfive · 2013-12-24 17:40 · Score: 1
  
  Oh yeah? What kind of app can't you build because the OS isn't up to it?
  
  --
  "First they came for the slanderers and i said nothing."
30. Re: iOS 7.1 by Em+Adespoton · 2013-12-26 11:04 · Score: 1
  
  Feature X := Firewall
  I'd prefer to be the one in charge of what leaks off my phone, TYVM. However, since a firewall is difficult to support for Apple, so they didn't ship it. There's a great one on Cydia however.
  While I can no longer make any sense of your debate, the truth is that Apple has prevented an iOS malware outbreak by not handing the users the keys to the car -- they'll just take you where you want to go, as long as it's on one of their streets. On the flip-side, they control who gets your information and how -- and unless you've got a packet sniffer on your network connection, you don't even know what's leaking from your iOS device.
  So, there's a tradeoff. Millions of people make it, in both directions. Me? I'd prefer it if Apple had a "break this seal and you're on your own" toggle where they will provide a way -- in hardware -- to gain root on iOS devices. This should allow people to do what they want with their devices, while also allowing people to reset to vanilla images and live the walled garden life. Both ways appear to have advantages, and both ways have downsides.
iPod Touch by HalAtWork · 2013-12-22 06:33 · Score: 2

Now if only Apple would bring out new iPod Touch hardware...

--
Twinstiq, game news
It works by the-matt-mobile · 2013-12-22 06:46 · Score: 1

I just finished applying it to my 4th generation iPad. It took about 10 minutes, which was longer than I expected. It uploads an app to your device, which you then run to apply the jailbreak. If Apple would just include a Dvorak keyboard, my main reason for jailbreaking would be gone. Or rather, it would only be driven by my desire to tinker and not from any real need.
1. Re:It works by Roger+Lindsjo · 2013-12-22 06:51 · Score: 1
  
  How is "desire to tinker" not a real need?
2. Re:It works by Moridineas · 2013-12-22 06:54 · Score: 1
  
  I'm a "one app" jailbreak user too. For me, it's BiteSMS. BiteSMS is great--it's a messaging overhaul that implements popup sms/imessage that lets you compose orreply to messages without leaving your current app. You can schedule messages to send in the future, actually see timestamps, etc. Great program. If this is a legit jailbreak and bitesms works, I'll upgrade to iOS7 right away.
3. Re:It works by Cinder6 · 2013-12-22 07:19 · Score: 1
  
  How is "desire to tinker" not a real need?
  Because "I want to do this" is not the same as "I need to do this."
  
  --
  If you can't convince them, convict them.
4. Re:It works by ArbitraryName · 2013-12-22 07:26 · Score: 1
  
  How do you differentiate "needs" from "wants" once basic survival requirements are met? Does installing a Dvorak keypad on an iPad allow him to secure food and/or shelter he couldn't obtain another way?
5. Re:It works by Anonymous Coward · 2013-12-22 07:29 · Score: 1
  
  I really thought every OS with keyboard input these days had dvorak as an option, once you go beyond serving the north-american continent, if you cant load a different layout you are rather screwed, once you are that far, adding dvorak is hardly much work (and likely would be done for free by volunteers if possible)
  Seems odd not to add something that cost so little to include and harms none.
6. Re:It works by Moridineas · 2013-12-22 08:28 · Score: 1
  
  Seems like there can be some pretty straightforward guidelines.
  If you require a dvorak keyboard, and the lack of a dvorak keyboard is a dealbreaker, then it's a need.
  If you want a dvorak keyboard and would use a dvorak keyboard if you could (but it's not a dealbreaker), then it's a want.
  It's about degrees. If you limit wants/needs to "basic survival requirements" then pretty much the entirety of modern civilization falls into the category of "wants."
7. Re:It works by ArbitraryName · 2013-12-22 09:11 · Score: 1
  
  That's my entire point. "Needs" and "wants" are entirely subjective.
8. Re:It works by PNutts · 2013-12-22 11:52 · Score: 1
  
  Not after they send you the letter.
9. Re:It works by Moridineas · 2013-12-22 11:56 · Score: 1
  
  Right, but only if you define a need solely as a "basic survival requirement." I do not agree with this definition.
  I would use a simpler definition in the context of cars/hardware/software/housing/etc (none of which are "basic survival requirements")--if it's a dealbreaker, it's a need. If it's not, it's a want.
10. Re:It works by dugancent · 2013-12-22 13:32 · Score: 1
  
  I've been using tetherme since the iPhone 3G and they have never sent me "the letter".
  
  --
  SJWs are the new boogeyman. -Me
Re:Nice, but... by Greyfox · 2013-12-22 06:55 · Score: 1

Or that there's so much broken code that they manage to keep finding new ones? Back in the 90's one of the contracting gigs I did was auditing the C standard library source for Data General, as part of their B2-secure certification process. Fast forward a decade or so and you never see anyone doing that. Someone I mentioned this to said it's because automated tools catch the same problems that people reading the code do, but there's plenty of code out there that obviously has never had those automated tools run against it. Hiring people to audit your code is expensive, licensing security-scanning software and developing processes to scan your code for exploits is expensive, saying you're sorry after someone exploits a security hole in your code is cheap. If no one ever does, or you never actually find out it's happening, it's free.

--
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Jailbreak with broken Cydia and Mobile Substrate by Wizy · 2013-12-22 06:56 · Score: 3, Informative

This jailbreak is completely broken, and according to multiple other jailbreakers the evasion team took money to include a piracy app store from china. You can see all the fun on twitter as they yell at each other.
Re:Nice, but... by Just+Some+Guy · 2013-12-22 07:03 · Score: 5, Insightful

Regardless of where the code is or when it was written, I have a root-level vulnerability that makes my phone insecure. I wish jailbreaking were both unneeded (because you could easily install your own software through official means) and impossible (because there weren't any security holes to exploit).

--
Dewey, what part of this looks like authorities should be involved?
Re:Nice, but... by Overzeetop · 2013-12-22 07:06 · Score: 2

" The fact that you can jailbreak your iPhone means that another party is able to compromise mine."
Well, yes. Though in a more global sense, practically every open OS on the planet, and most closed ones, are also "vulnerable" in this way. Linux doesn't require "jailbreaking" to load your own kernal patches - it's already "vulnerable" in the sense you're promoting.
And given that this essentially requires a very specific set of circumstances to achieve, including physical access to the hardware, it isn't the kind of vulnerability that causes me to lose sleep.

--
Is it just my observation, or are there way too many stupid people in the world?
Just because you're at the Hilton... by Overzeetop · 2013-12-22 07:08 · Score: 1

Just because you're staying at the downtown Hilton doesn't mean you want to eat every meal at the in-house restaurant.

--
Is it just my observation, or are there way too many stupid people in the world?
DO NOT USE - Super sketchy stuff happening by Anonymous Coward · 2013-12-22 07:10 · Score: 5, Informative

Read Stefan Esser's Twitter feed for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.
1. Re:DO NOT USE - Super sketchy stuff happening by OzPeter · 2013-12-22 07:59 · Score: 1
  
  Read Stefan Esser's Twitter feed for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.
  While you may agree or disagree with Apples stance on controlling the apps in iDevices, one thing is certain is that "Jailbreaks" are Security Exploits with all the ramifications that that entails.
  
  --
  I am Slashdot. Are you Slashdot as well?
2. Re:DO NOT USE - Super sketchy stuff happening by phantomfive · 2013-12-22 10:18 · Score: 1
  
  What is so bad about having the Chinese appstore included? Hell, I'd look at that as a feature.
  The primary fear is that it would be a high risk vector for malware.
  A secondary fear is that it opens the jailbreakers to lawsuits, if there are too many pirated apps on that website.
  
  --
  "First they came for the slanderers and i said nothing."
3. Re:DO NOT USE - Super sketchy stuff happening by phantomfive · 2013-12-22 12:22 · Score: 1
  
  Wow bro, there are plenty of reasons to jailbreak your phone without wanting to pirate apps.
  
  --
  "First they came for the slanderers and i said nothing."
4. Re:DO NOT USE - Super sketchy stuff happening by tlhIngan · 2013-12-22 17:37 · Score: 1
  
  The primary fear is that it would be a high risk vector for malware.
  A secondary fear is that it opens the jailbreakers to lawsuits, if there are too many pirated apps on that website.
  Well, given how much must be done to have a jailbreak, the fact it was paid for by the Chinese is probably the most interesting part. Very sketchy. Do we need to remind people of all the Android malware that seems to infect Chinese phones?
  There's plenty of things that get executed and a lot of it runs are root. If you think Android malware is bad, the fact this is designed for pirated iOS apps has the likelihood of the same thing. And heck, I'm sure pirated Android apps are the same vector on Android.
  Plus, apparently without involvement of Saurik (Cydia), the build they have doesn't work very well, and neither does MobileSubstrate (it's a library Saurik wrote that lets developers do interesting things safely).
  And really, anyone really remember Apple's response to jailbreaking - you know, about potentially compromising your phoen, piracy, etc? Geez, do you really want to prove Apple right?
  Finally, a pirated app store? Really? Jailbreakers are seen by Apple as pirates and most developers see people who jailbreak as nothing but pirates - even though there are plenty of valid reasons to jailbreak that isn't piracy. This just reinforces the impression that jailbreakers do it just to pirate.
Re:Nice, but... by Just+Some+Guy · 2013-12-22 07:16 · Score: 2

It'd definitely harder now, and I see that as a very good thing. Remember the drive-by website that was basically a remote root exploit? There's a vast difference between requiring physical access and operator permission, and being able to root a system through the owner visiting a web page.

--
Dewey, what part of this looks like authorities should be involved?
Re:Nice, but... by ArbitraryName · 2013-12-22 07:23 · Score: 2

The fact that you can jailbreak your iPhone means that another party is able to compromise mine.
If they have physical control of the device, yes. Why would you trust any device you lost physical control of?
Review Guidelines tell you what iDon't by tepples · 2013-12-22 08:13 · Score: 2

A leaked copy of the App Store Review Guidelines listed several things that no iOS app is allowed to do. For example, there's no public API for seeing which wireless access points are available, making network troubleshooting apps impossible. Nor can a developer create an app launcher that's more accessible to individuals with disabilities. Nor is there any web browser that implements HTML5 features that Apple deliberately left out of Mobile Safari.
1. Re:Review Guidelines tell you what iDon't by thunderclap · 2013-12-22 15:42 · Score: 2
  
  All very good reasons to steer clear of the apple ecosystem.
Re:Jailbreak with broken Cydia and Mobile Substrat by ArbitraryName · 2013-12-22 08:16 · Score: 1

Define "broken". It seems to do what it says it does. Why should I care that a Chinese app store that isn't available to me has been included?
Re:Jailbreak with broken Cydia and Mobile Substrat by ArbitraryName · 2013-12-22 09:18 · Score: 4, Insightful

When you jailbreak you're running random code from the internet that was specifically advertised as a security exploit. I don't know what sort of naive expectations you have.
Evasi0n has issued a statement. by ArbitraryName · 2013-12-22 09:35 · Score: 4, Informative

Found here.
Re:Nice, but... by 93+Escort+Wagon · 2013-12-22 09:37 · Score: 2

So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.
Technically, you are correct (the very best kind of correct). However if you followed jailbreaking more closely you'd realize a couple things.
1) There is no single exploit involved. With the iOS 6 jailbreak, they had to chain a whole sequence of things together to get root on the device.
2) In the end, it requires physical control over the device. As I understand it, the iOS 6 jailbreak required an exploit that allowed you to side load an app onto your device. That app, running on your device, then did all the heavy lifting of putting the jailbreak into place - which required additional exploits to allow the app out of its sandbox.
So what you say is true; but it's not something I'd lose any sleep over. I think the people who do need to be concerned are actual jail breakers - they need to be sure they're getting the jailbreak from "legitimate" (so to speak) sources.

--
#DeleteChrome
Re:How Do I Install My Own App On A Jailbroken Dev by phantomfive · 2013-12-22 10:24 · Score: 1

On older iOSes (version 5), you could use ssh tunneling , unzip your app (.ipa is a zip file), and run "scp -r -P 2222 Payload root@localhost:/Applications/", that is copy it to the /Applications directory. In iOS 4 you needed to reboot your phone for it to show up. In iOS 6 you need to modify some plist file or something for it to show up.

You can also try the ideviceinstaller command. You might need to sign your app first using ldid. Using the codesign command with your own personal certificate that you generate yourself.

But lets be honest, if you can afford an iOS device you can afford a subscription. It's all a matter of budgeting priorities.

--
"First they came for the slanderers and i said nothing."
Re:Nice, but... by PNutts · 2013-12-22 11:44 · Score: 1

Well said. I wish I had mod points.
Re:So...a guy willingly goes to jail... by PNutts · 2013-12-22 11:54 · Score: 1

Even the hottest girl in the room has a guy that's sick of her.
Re:How Do I Install My Own App On A Jailbroken Dev by PNutts · 2013-12-22 11:58 · Score: 1

But lets be honest, if you can afford an iOS device you can afford a subscription. It's all a matter of budgeting priorities.
What if somebody gave it to him?
Re:How Do I Install My Own App On A Jailbroken Dev by PNutts · 2013-12-22 12:00 · Score: 1

Money is tight, so I'm short the Apple Tax to do iOS development. But I have a jailbroken device.
What do I do to install my own App, that I developed myself, on my own jailbroken device?
IIRC $99 bucks to be legit or you could run them in the emulator. Putting them on your own device is not required to do development. Write something cool and you'll have volunteers.
Re:Nice, but... by plover · 2013-12-22 13:16 · Score: 1

Furthermore, while the jailbreak is considered "untethered", that only means you can reboot the phone without requiring a USB cable to a host computer (an important requirement in my book.) But as far as I know most jailbreaks still initially require the user to connect a USB cable to the device to load a special boot loader that injects the exploit.

--
John
Re:Jailbreak with broken Cydia and Mobile Substrat by petsounds · 2013-12-22 15:12 · Score: 1

Because they are installing the Chinese store with root access, meaning the code can do whatever it wants with the information on your device and send that information to wherever they want. Jailbreaking always comes with risk, but this basically compromises your device with unknown and unreviewed code. But hey, if you feel like dancing with the devil, go for it.
Already used it (iPad 2) by aussersterne · 2013-12-22 17:05 · Score: 2

Don't see any Chinese app stores. Just Cydia. All working well. Biggest problem: Nothing on Cydia is yet compatible with iOS 7.x, so in a way there's no point unless you just want system access—there's next to nothing that you can install and use. But hopefully that will change in time.

--
STOP . AMERICA . NOW
Re:Jailbreak with broken Cydia and Mobile Substrat by Elbart · 2013-12-22 19:46 · Score: 1

It throws the "It's only for homebrew, I swear"-rationale out the window.
Re:Nice, but... by liquidrocket · 2013-12-23 00:49 · Score: 1

In general, many of these bugs (both in iOS and Android) do not necceserily require physical access, even if that is the easiest way to use them. Ultimately they are just a regular app without any special permissions that, once up and running, use a traditional privilege-escalation type of exploit to gain root privileges on the device and complete its job.
letter to the community from evasi0n by Robert+Goatse · 2013-12-23 02:05 · Score: 1

Interesting...http://evasi0n.com/l.html
Re:Nice, but... by Em+Adespoton · 2013-12-26 11:11 · Score: 1

I love the idea of jailbreaking. Love it. I fully support your right to install whatever you want on the hardware you bought.
But.
So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.
Again, I support everyone installing whatever they want on their devices. I'm not thrilled that this can be done on an iPhone by hacking deep into the system through a chunk of broken code somewhere.
Hmm... I just realized something. If Apple provided a means to gain root on iOS devices, it's likely they would never have discovered any of these security holes. Interesting paradigm. Security through preventing customers from doing what they want.