Although apple is stopping security vulnerabilities, it would be more clear if they said under description:
"fixes security vulnerabilities and jailbreak." something on the line of it.
EDIT: NVM.
Last edited:
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases iOS 9.3.4 With Important Security Fix [Update: Jailbreak Patched]
- Thread starter MacRumors
- Start date
- Sort by reaction score
"fixes security vulnerabilities and jailbreak." something on the line of it.
EDIT: NVM.
Interesting my OTA is showing 1.5gb. I was on the final 9.3.3 beta so it never updated to the release version. Guess thats why.
Did you try to update by iTunes?
iOS 9.3.3 final beta is the same build as the release version (13G34).
The support article with details about the security fix isn't out yet, but they usually credit the jailbreaking team if the vulnerability was discovered by them. Not sure what more you want. Some of us are happy that jailbreak exploits are fixed, since it means that there is a security vulnerability that can be exploited for other purposes as well.
I would think it would be standard to assume every update patches a jailbreak until proven otherwise
I don't believe it is Apple's responsibility to warn those who jailbreak an update might patch it
Thanks for the 9.3.4 patch Apple - if I hadn't read this I wouldn't have known Pangu had a 9.3.3 release 
I'll try to put Kodi back on my iPad via the non-JB method and keep 9.3.3 JB in my back pocket.
I'll try to put Kodi back on my iPad via the non-JB method and keep 9.3.3 JB in my back pocket.
This actually isn't true.. You're thinking of a remotely exploitable vulnerability ... All an attacker would need to do is compromise your computer, then would be able to expand into your mobile device. Think of malware that exploits an endpoint, then has a second or third stage component that then leverages extended privileges on your endpoint to inject itself into iTunes and then into your iPhone when connected. It would then use this vulnerability within iOS for a potential implant..
This sounds a bit extreme, but it's really not. I work in this field and these types of intrusions happen more than you think. Think how many iPhones live in the hands of high profile targets. Foreign nation states have fairly unlimited resources when it comes to launching complex attacks - especially when it leads to compromising a high value target.
Any exploitable vulnerability is a big deal. I applaud Apple for patching this or any other vulnerability in a rapid fashion.
Well, the 9.3.3 jailbreak requires you sign and side load an app onto your iPhone. They're probably worried that people will use that capability to install f.lux and not use Apple's imitation.
I kid, I kid...
Given how the jailbreak works, though, I'm not particularly worried about that "security hole" - I'm staying on jailbroken 9.3.3. I'm sure the tweaks I like to use will eventually get appropriated by Apple and get announced as cutting-edge additions to iOS, but for now... for me, jailbroken means greater utility. Apple provides nothing remotely comparable to the following tweaks:
Activator
FlipControlCenter
3G Unrestrictor
Protect My Privacy
One Hand Wizard
(Better) Five Icon Dock
The ipsw file is not being signed by Apple. You can try updating OTA.
Last edited:
Need a changelog from Apple. Not all of us use these devices for personal use.
IOMobileFrameBuffer
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4654: Team Pangu
Source
What real security issue? What severe security hole? Afaik, no jailbreak exploit has been used as an attack vector against iOS. Are jailbroken phones less secure than regular phones? I'd say yes, but that's a consequence of loading software from outside sources. Not a consequence of the jailbreak exploits. Is patching security holes the best solution for iOS users? Undoubtedly yes. But what you're doing is tantamount to fear mongering and concern trolling; equivalent to "but think the children".
I jailbreaked (jailbroke?) my phone to change the phone's look, add functionality and utilities that Apple won't provide (and won't let App Store apps provide either), and get rid of unnecessary components.
I have zero pirated apps, and plenty of apps I paid for. I plan to keep paying developers who provide good software, whether those are delivered trough the App Store or Cydia. If an app is too expensive, I either reconsider the cost to see if it's justified, or find a cheaper alternative from someone else who provides it.
Just because jailbreaking allows you to pirate apps doesn't mean it's the only reason to do so, or a primary one at that. Your argument is as ridiculous as me claiming that you got an Internet browser to download pirated content, because you can use a browser for that purpose (and if you claim anything else you're hiding the real reason).
It will secure from the security issue that can be exploited in potentially various ways (jailbreak just being one of them).
Typically something like a security patch, especially one of higher importance that needs to get out sooner than later, won't get a dev/public beta.
The security changes are available from Apple, but they get listed within about a day or so after the update is released to give more people a chance to install the update and have the security issues patched before the details of those security issues are made public (and could potentially be exploited by someone on those who didn't get a chance to update). In this case it seems to have happened even faster: https://support.apple.com/en-us/HT207026Need a changelog from Apple. Not all of us use these devices for personal use.
Well, we even had an X.4 release (with iOS 8.4).Didn't think we'd see the day where we would have a 9.X.4 update
It's possible that with a security issue in play Apple might stop signing the previous version earlier than they typically do.
Why do you jail break?!
To address a security issue (that the jailbreak happens to use as well).
So...not actually bricked?
Tethering is generally in the realm of carriers and their plans/features, so it's not really something for Apple to allow.
[doublepost=1470336618][/doublepost]
It's not necessarily about it actually getting exploited as much as it being in existence and in the wild so to say. If it's there and it's known and someone could abuse it (even if no one really does) it's on Apple to address it. We all know that should one day someone actually exploit something before Apple patches it, everyone will be all over Apple for it, no matter how rare (even if just plain never) it happened in the past.
well just installed 9.3.3 on a 5S I plan to give to my wife... tomorrow ill restore her backup on it and jailbreak the thing.
get it while it still works everyone.
to the 'why jailbreak' people... meh. if you want to be apple sheep more power to you, myself I like to OWN my devices.
cheers
get it while it still works everyone.
to the 'why jailbreak' people... meh. if you want to be apple sheep more power to you, myself I like to OWN my devices.
cheers
Then jailbreaking isn't for you - and that's fine.
My first smartphone was an Android phone. I've found that I prefer stock iOS to Android. However I prefer jailbroken iOS to stock iOS. As to why... see above.
[doublepost=1470337031][/doublepost]
Given they credit "Team Pangu" with discovering the one security bug this fixes, I'd say they're doing exactly that.
