I think we might see an even more stringent control from Apple. These uninformed iPhone jailbreakers has made these underground movement a disservice. Now Apple has a better reason to run after these jailbreaking community as these put their product in a badlight and thus affect their image. And I don't really blame them. It's their product and they have the right to protect their name.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
First iPhone Worm Affects Jailbroken iPhones in Australia
- Thread starter MacRumors
- Start date
- Sort by reaction score
Apple:
iPhone owners, we know better than you what you would want to do with your phone. We now believe that you don't want to have the ability to have multiple web pages up at the same time so we have removed that annoyance. We also don't believe that you really want to have access to iTunes on the go so we have made it so you can only access iTunes from a computer. We also don't want to allow you to use your photos to change the wall paper so we removed that."
fr33 loader's response-
"Thank goodness for Apple. My phone is now better! Oh, how I love thee Apple.
More stringent control? So you actually think that apple has not tried to stop jailbreaking? wow... This is Apple, an unlocked phone = potential loss of revenue for Apple... and this they take very seriously, thus the problem is that the hackers are too good, or you could argue that Apple failed in making a device this is susceptible to hacking... maybe they will get it right in 4G... I doubt it. To be honest I doubt Apple care, since most of the uptight goodie too shoes will obey Apple, no point investing huge amounts of effort on a small percentage of the community. Lets face it, 3 years on and Apple has failed in stopping jailbreaking, so either they do not care or just plain suck at it.
I remember the jailbreakers blocked a security hole that iPhones had when they first came out. Something in Safari. Took apple a few weeks to release the update so people with 'virgin' iphones had a major security hole while the jailbreakers didn't. Irony
Yeah I remember, not the details of it though, but they patched the security loophole way before Apple got around to it.
So what is with Apple fanbois that makes them so righteous? Talk to people who have other devices such as consoles etc that have been moded/chipped or running other OS and those Fanbois do not careless, they actually think its cool that you can exploit the device and get more out of it.
Yep I love my modded XBOX. Which of course means i'm an evil pirate who uses it for playing illegal games... and not for XBMC. What a great program XBMC is, i just wish it had hardware support for video decode under windows.
Method and Apparatus for making Apple's control freakery look good
1. Write news item on exploit affecting only jailbroken iPhones with a particular piece of software installed and left on default password, while omitting details;
2. Wait for 10 pages of "jailbreaking is evil, thank Apple for restricting us!" posts;
Result: Make jailbreaking look bad.
3. Ignore top apps on the App Store recently in the news and known since August (hello, Storm8!) to leech personal data from your iPhone;
4. Ignore especially that this would have been discovered by a trivial automatic analysis of application activity to watch what the iPhone was transmitting while the app was in use.
Correct conclusions:
(a) The app checking procedure doesn't even include an automated analysis to make sure all your private data isn't immediately uploaded to a random server;
(b) It takes ages for a malicious app to be taken down, whether Apple is made aware or not.
Actual result: Make the iPhone jail look effective.
1. Write news item on exploit affecting only jailbroken iPhones with a particular piece of software installed and left on default password, while omitting details;
2. Wait for 10 pages of "jailbreaking is evil, thank Apple for restricting us!" posts;
Result: Make jailbreaking look bad.
3. Ignore top apps on the App Store recently in the news and known since August (hello, Storm8!) to leech personal data from your iPhone;
4. Ignore especially that this would have been discovered by a trivial automatic analysis of application activity to watch what the iPhone was transmitting while the app was in use.
Correct conclusions:
(a) The app checking procedure doesn't even include an automated analysis to make sure all your private data isn't immediately uploaded to a random server;
(b) It takes ages for a malicious app to be taken down, whether Apple is made aware or not.
Actual result: Make the iPhone jail look effective.
Apple:
iPhone owners, we know better than you what you would want to do with your phone. We now believe that you don't want to have the ability to have multiple web pages up at the same time so we have removed that annoyance. We also don't believe that you really want to have access to iTunes on the go so we have made it so you can only access iTunes from a computer. We also don't want to allow you to use your photos to change the wall paper so we removed that."
fr33 loader's response-
"Thank goodness for Apple. My phone is now better! Oh, how I love thee Apple.
Apparently the iPhone's market is perfectly happy with Apple's decisions. Why don't you paint something REAL now? Like this . . .
Satisfaction:
http://www.ipodobserver.com/ipo/article/iPhone_Satisfaction_Off_The_Charts/
http://blogs.zdnet.com/Orchant/?p=523
http://www.macworld.com/article/143209/2009/10/jdpower_iphone.html
http://arstechnica.com/apple/news/2009/10/iphone-tops-personal-business-satisfaction-rankings.ars
http://brainstormtech.blogs.fortune.cnn.com/2009/08/14/iphone-vs-pre-satisfaction-bakeoff/
http://www.appleinsider.com/article...one_3gs_has_99_percent_satisfaction_rate.html
Sales/marketshare:
http://www.apple.com/pr/library/2009/10/19results.html
http://news.cnet.com/8301-13579_3-10245339-37.html
http://brainstormtech.blogs.fortune.cnn.com/2009/08/13/iphone-market-share-grew-375-in-q2/
Against RIM and Pre:
http://www.nytimes.com/external/rea...l-soon-overtake-rim-in-consumer-sm-98992.html
http://www.businessinsider.com/henr...te-apples-eating-everyone-elses-lunch-2009-10
http://scobleizer.com/2009/10/25/85000-reasons-why-apples-iphone-isnt-going-to-be-disrupted/
http://macdailynews.com/index.php/weblog/comments/22858/
http://www.cnbc.com/id/33549870/site/14081545
http://forums.appleinsider.com/showthread.php?threadid=104222
http://brainstormtech.blogs.fortune.cnn.com/2009/08/17/apples-iphone-3gs-is-no-1-in-japan/
http://mashable.com/2009/07/04/iphone-japan/
Here's the latest:
http://www.macdailynews.com/index.p...ecord_high_takes_18_share_of_worldwide_smart/
Enjoy.
I'm not quite sure what I was supposed to read into them, but reading most of these links leads me to the following main conclusions:
1. Apple doesn't have the most popular smartphone;
2. Those who own iPhones have slightly higher satisfaction, by methods which are inherently statistically unsound, than those who own other smartphones. Method: Go to group A, ask them if they are satisfied with X. Go to group B, ask them if they are satisfied with Y. Find that around 5% more people in A express satisfaction with X than people in B express satisfaction with Y. Conclude X is better than Y. Argh!
From this, how can one conclude that, "the iPhone's market is pefectly happy with Apple's decisions"?
I was contemplating a 1,000 link post of people praising Windows 7 and articles illustrating Microsoft's profitability and massively superior marketshare on the desktop since the early '90s, but it might mislead people into thinking that the market for Windows/Office is happy with Microsoft
.I was contemplating a 1,000 link post of people praising Windows 7 and articles illustrating Microsoft's profitability and massively superior marketshare on the desktop since the early '90s, but it might mislead people into thinking that the market for Windows/Office is happy with Microsoft .[/QUOTE]
Nice
.[/QUOTE]Nice
I was not merely referring to this worm, but also to the FACT that this hacker released his code which will enable future exploits that could be MALICIOUS, and when you jailbreak your phone, you allow it to run unsigned software and are therefore at risk!
FACTS, PERIOD!
Again, this is 100% inaccurate. Jailbreaking alone will not make you vulnerable. You keep implying that it does.
This hackers released code only works if you actively install SSH and do not change the default password. He could put the code on a billboard in Times Square, but that is not going to change the fact that this code only works when SSH is installed and the password is not changed. Nothing based on this code will ever run unless you do those two things. There will always people who don't change the passwords on their gear. See the millions of wireless routers out there with the default password or the people who run Windows as Administrator. The user creates the problem, not jailbreaking the phone. This is not even an exploit or a security hole; if you know the password you are not even hacking into the system. It is unauthorized access to the system.
And of course jailbreaking allows you to run unsigned software. That is the point. I could install a trojan. I could install a trojan on my Mac as well. I take the same care installing software on my phone as I do on my computer.
But keep the scare tactics going. You have a career in politics waiting for you if you so choose.
Oh really? Just because you think you're safe because you install things carefully, doesn't mean that the iPhone is immune to other types of attacks. I didn't know you were an expert on iPhone security. The fact that the iPhone can be jailbroken means that there are ways around Apple's security system and when the iPhone is already jailbroken, it makes it much easier to mess with stuff since it does disable code signing and other system checks.
After reading many post here I'm getting the clear picture that the only people really loving the iPhone as great piece of technology are in the JB community. Most of the others are simply in awe of Apple marketing and brand.
It usually works like that. After all not everyone has talent when it comes to IT security.
But, although clever, this was rather simple. Not cracking/hacking was done at all, this was more like, taking advantage of idiot users.
Exactly. The exact same worm would probably work on any OS X machine, or Linux for that matter, that happened to have a default known password for root or any admin account, and port 22 open to the world.
Of course, that's the real issue at the bottom of this, it's not jailbreaking=evil, or iPhone=unsecure, it's that the implementation of open ssh on the iPhone opens a door to the device that the some users don't understand how to secure properly.
But for every worm author, there are 999 who observe a point of entry, write a proof-of-concept, say "ok, that was trivial", then throw it away. By hiring the 1 rather than the 999, you're not gaining any technical uniqueness, but you are choosing the one who (on evidence so far presented) is least likely to act ethically.
If you want to test someone, you might sit them down in front of an Internet-connected computer - for access to information on commonly installed software and other references about the iPhone - and tell them to write an exploit which would target a significant number of iPhones. Time T later, you let them test their code on an iPhone.
(If they give a "default ssh password" hack, yawn loudly, tell them that you'll call them, and show them the door.)
Why were my posts in here deleted?
I am having a difficult time understanding how some of you are pretending jailbreakers deserve this. Like someone else stated, what is wrong with wanting full control over a device you paid for? How would you like it if Apple started doing stuff like this to Mac OS X? You can't seriously see something wrong with modifying a device you own, can you?
I am having a difficult time understanding how some of you are pretending jailbreakers deserve this. Like someone else stated, what is wrong with wanting full control over a device you paid for? How would you like it if Apple started doing stuff like this to Mac OS X? You can't seriously see something wrong with modifying a device you own, can you?
To add onto the point made earlier that JBers had the safari patch way before Apple released it. We also have the advantage of helping our privacy because Saurik worked with some groups (Flurry, Medialets, Mobclix, Pinch Media) that collected anonymous data about users with their apps; which then helped him create a program that would block said groups from collecting data in their programs for the JBers that installed it. Some may notice the name Pinch Media that has appeared in numerous news about iPhone usage stats, jailbroken and not.
"And of course jailbreaking allows you to run unsigned software."
That is all I have to point out!
Do you think, MAYBE, JUST MAYBE, there is a reason that Apple put such stringent security measures in place??? That was even a compromise. Initially Apple wouldn't even allow 3rd party development. But once they did, they made sure to lay a solid security foundation, which JAILBREAKING ruins! So accept the risk you create. PERIOD!
Oh but don't worry, this code didn't do anything, so I'm sure you are safe from all potential future attacks that will surely come as Apple is DOMINATING the mobile computing revolution. Difference is, they have had security in mind from the start, unlike someone I know that took market dominance before... AHEM MICRO$OFT! But then again, everything is an afterthought for them.
