General Safety of Jailbreak Apps/Tweaks

Discussion in 'Jailbreaks and iOS Hacks' started by xak, Feb 13, 2013.

  1. xak macrumors regular

    Joined:
    Mar 13, 2012
    #1
    My friend is apprehensive about jailbreaking because he thinks a downloaded jailbreak app/tweak could contain a virus or, more specifically, a keylogger.

    Is this technically feasible, or is there some sort of intrinsic protection afforded by iOS that carries over even after jailbreaking?

    And to be specific, I am not talking about SSH vulnerability if one enables it and leaves the root password unchanged. I am talking about the vulnerability of running a non-Apple reviewed/approved app, advertised as benign and useful but secretly containing malware, on a device that has been rooted. For example, say I downloaded f.lux from an unofficial repository that had been coupled with a small keylogger that sends, through some medium, all the passwords and financial information I've typed on my iPhone since installation - is this a practical concern?
     
  2. maccompatible macrumors 6502

    Joined:
    Mar 26, 2012
    #2
    Basically, yes. You're asking for trouble when you add unofficial repos, especially those that condone piracy. If you download a pirated piece of software, you deserve to have your financial information stolen.

    (I'm assuming this is what you mean by unofficial repo. All default repos are fairly trustworthy IMO)
     
  3. xak thread starter macrumors regular

    Joined:
    Mar 13, 2012
    #3
    So basically the honor system is at work here?

    Seems like even the official repos are at risk here then, unless all submitted apps are not only open source, but also subject to routine review by a competent person who thoroughly inspects the code

    Anyone here, preferably those not on a high horse, know of any cases of malware installed through Cydia?
     
  4. chrf097 macrumors 68040

    chrf097

    Joined:
    Dec 16, 2011
    #4
    For Official repos and trusted repos, usually someone has checked out the code and confirmed it safe.

    For Repos that promote piracy (which are the ones hosting tweaks for free, etc.) those are not trustworthy nor official and could very well hold compromising information.

    Once you jailbreak its kind of like unlocking your car door in the zombie apocalypse; you should be safe, but theres that slight possibility the zombie can open the door if you get too risky.
     

Share This Page