Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Tell me why a jailbroken IPhone isn't more safe then reg IOS

B

Bjraxx

macrumors newbie
Original poster
Jul 14, 2015
25
0
I just want some questions answered cause it just seems to me like a jailbroken iPhone would be farther more secure and safe then the regular IOS from typical everyday hackers. So I'm gonna ask some questions I don't understand.
1. After you jailbreak your phone does it take away all the restrictions? Does it make you unable to choose whether you want certain apps to track your location or not if so don't they have an app or a way that could bring all that back
2. Isn't like changing the root word one main way that a normal hacker or even someone super smart would be unable to hack?
3.Since you can place a passcode/ fingerprint on every app doesn't that clearly make them inaccessible?
4. Aren't there apps that can tell you who's been hacking in your phone and how?
5. Aren't there apps to keep them out of your wifi?
6. I mean I honestly don't see why they say it's so risky I mean for whom???The Asian and Japanese or whoever hackers to hack into some dumb person phone who puts their credit card and password info on certain targeted apps? It seems like there's so many apps to me to keep normal hackers out of phone when its jail broken then when it's not. Passcodes and **** on all apps etc etc cause I'm not worried about some Chinese developer hacking into my phone it's people around me neighbors whoever. Now somebody please correct me if I'm wrong if you want your phone protected from average everyday hackers or computer geeks isn't jail breaking your phone the only way? If it's not please tell me why it's not and I'm just simply not worried about a developer hacking into it cause there's nothing they would want.
 
1. Jailbreaking does not render ineffective the stock security/privacy settings. If you want an app not to access location based information block it in the Privacy settings under Location Services. Same as always.
2. Changing the root password is only necessary if you install OpenSSH. And hackers would either need physical access to your device or to be aware that you were jailbroken WHILE on the same WiFi network as you. Don't install OpenSSH and there is no path of attack (a wall if you will, instead of a door with a lock).
3. You need a tweak for what you are asking.
4. Possibly, I'm not aware of any. But I'm not usually handing my phone to people I don't know or running around blabbing my passwords and not changing the OpenSSH passwords and installing shady repos/apps. Thus I've never had cause to believe someone was 'hacking' my phone - because my phone was never put in the spot to be 'hacked' to begin with.
5. ???? I do not understand this question. FirewallIP can limit how apps and services communicate or are allowed to communicate over WiFi and cellular and your stock security still works. But network access to WiFi is controlled by the primary router delivering WiFi. That's generally not in your control in places like Starbucks.
6. It's risky for a few reasons. One of them is the fact that some people do not realize that responsibility for security has changed to them and is no longer Apple's responsibility. Do not hand your phone out. Do not go to shady websites or install shady repos/apps/tweaks and change the root passwords if you install OpenSSH. Follow those rules and you will keep yourself safe.

Secondly, Apple does not like jailbreaking (publicly at least). So they leverage the fact that jailbreaking uses exploits to jailbrake as evidence that you are now insecure and unsafe.

I think you're worried too much about someone hacking your phone. Are you so important to them that they are targeting your phone specifically? If so you may have more issues than just worrying about jailbreaking.

Generally it's just stuff that gets installed from shady sources that is phoning home information. There's no army of evil developers out there just waiting to personally pounce on people who jailbreak their iPhones and cause them grief.
 
  • Like
Reactions: BrianBaughn
eyoungren said:
1. Jailbreaking does not render ineffective the stock security/privacy settings. If you want an app not to access location based information block it in the Privacy settings under Location Services. Same as always.
2. Changing the root password is only necessary if you install OpenSSH. And hackers would either need physical access to your device or to be aware that you were jailbroken WHILE on the same WiFi network as you. Don't install OpenSSH and there is no path of attack (a wall if you will, instead of a door with a lock).
3. You need a tweak for what you are asking.
4. Possibly, I'm not aware of any. But I'm not usually handing my phone to people I don't know or running around blabbing my passwords and not changing the OpenSSH passwords and installing shady repos/apps. Thus I've never had cause to believe someone was 'hacking' my phone - because my phone was never put in the spot to be 'hacked' to begin with.
5. ???? I do not understand this question. FirewallIP can limit how apps and services communicate or are allowed to communicate over WiFi and cellular and your stock security still works. But network access to WiFi is controlled by the primary router delivering WiFi. That's generally not in your control in places like Starbucks.
6. It's risky for a few reasons. One of them is the fact that some people do not realize that responsibility for security has changed to them and is no longer Apple's responsibility. Do not hand your phone out. Do not go to shady websites or install shady repos/apps/tweaks and change the root passwords if you install OpenSSH. Follow those rules and you will keep yourself safe.

Secondly, Apple does not like jailbreaking (publicly at least). So they leverage the fact that jailbreaking uses exploits to jailbrake as evidence that you are now insecure and unsafe.

I think you're worried too much about someone hacking your phone. Are you so important to them that they are targeting your phone specifically? If so you may have more issues than just worrying about jailbreaking.

Generally it's just stuff that gets installed from shady sources that is phoning home information. There's no army of evil developers out there just waiting to personally pounce on people who jailbreak their iPhones and cause them grief.
Click to expand...

I don't understand how changing the root password of the phone could be unsafe when every iPhone has the same one unless someone changes it? Isn't knowing the root password a way to hack in some kind of way. How would they even know what you changed your root password to anyways. It's either you have the same one as everybody with a unjailbroken phone has or you have your own personal one? I'm confused how that would be dangerous? And I never let ANYONE touch my phone that would be capable of hacking into or would do it anyway..I just figured there were ways people could hack into it without physically having it and I know there has to be ways they can..I've been told that if you leave your Bluetooth on by accident there are apps that people can use to hack into stuff that way..And I just know there has to be a way that your neighbors or people close to you can hack into your wifi some kind of way I'm not sure how they can just literally pull up your texts, emails, web history by doing that but there has to be a way? I'm sure they can get email addresses and use technology to figure out passwords and hack your iCloud or all of that stuff. I want all my **** locked locked completely down is all I'm trying to say and I just feel like Apple doesn't offer apps that protect your texts photos emails etc wassup with them not having a passcode lock on that **** yet? Or fingerprinting apps....if what you say is true unless I hand my phone to somebody physically they couldn't hack into it or over wifi why are there so many people and articles such and such saying jail breaking is unsafe? If there just talking about the developers of apps being the ones that can make malicious apps I'm not worried about that that's not a concern to me. It's people that know me that could possibly hack into my phone is what I don't want and I'd like to know how that can happen when nobody ever physically touches my phone
 
Bjraxx said:
I don't understand how changing the root password of the phone could be unsafe when every iPhone has the same one unless someone changes it? Isn't knowing the root password a way to hack in some kind of way. How would they even know what you changed your root password to anyways. It's either you have the same one as everybody with a unjailbroken phone has or you have your own personal one? I'm confused how that would be dangerous? And I never let ANYONE touch my phone that would be capable of hacking into or would do it anyway..I just figured there were ways people could hack into it without physically having it and I know there has to be ways they can..I've been told that if you leave your Bluetooth on by accident there are apps that people can use to hack into stuff that way..And I just know there has to be a way that your neighbors or people close to you can hack into your wifi some kind of way I'm not sure how they can just literally pull up your texts, emails, web history by doing that but there has to be a way? I'm sure they can get email addresses and use technology to figure out passwords and hack your iCloud or all of that stuff. I want all my **** locked locked completely down is all I'm trying to say and I just feel like Apple doesn't offer apps that protect your texts photos emails etc wassup with them not having a passcode lock on that **** yet? Or fingerprinting apps....if what you say is true unless I hand my phone to somebody physically they couldn't hack into it or over wifi why are there so many people and articles such and such saying jail breaking is unsafe? If there just talking about the developers of apps being the ones that can make malicious apps I'm not worried about that that's not a concern to me. It's people that know me that could possibly hack into my phone is what I don't want and I'd like to know how that can happen when nobody ever physically touches my phone
Click to expand...
You misunderstand me.

If you do NOT change the root password THEN it is dangerous BUT only if you install OpenSSH. If you do NOT install Open SSH then there is no attack vector so passwords are never an issue.

But almost everyone knows that the default passwords for OpenSSH are 'alpine'. So, if you DO install OpenSSH, CHANGE the passwords. NOT doing so is dangerous.

But if you HAVE installed OpenSSH AND changed the passwords then you have locked attackers out and they must either guess your password or launch a brute force attack.

All I can tell you about the rest is that if you protect yourself as you do now you should be ok. There is no 100% secure phone, jailbroken or not. But jailbreaking itself does not make your phone any more or any less secure than a stock phone. It's what you do with it after you jailbreak it that can make it more (or less) secure depending on your actions and what you do or do not install.
 
  • Like
Reactions: Ulenspiegel and b0fh666
Even without open ssh installed giving your JB iOS device to someone who knows what to do with it can be a bad idea.. (Most people wouldn't care to do this) but Even if you have changed your root password you can use ifile and then change one string in "private/etc/master.passwd" and bypass the password you chose and set it back to alpine in less than 1min lol I know this works on JB iPhone6s iOS 9.0.2 because I forgot my password once and had to reset it

It's a blessing for anyone who owns the device and needs to change the passwd back to something you know and remember tho without re-jailbreaking
 
After reading this thread, I checked to see if I have OpenSSH installed. I don't, but I do have OpenSSL (apparently My3G depends on it)
From what I read, SSH and SSL are similar. Should I change my root password? I just did, as a precaution.
Please forgive my ignorance!
 
tys said:
After reading this thread, I checked to see if I have OpenSSH installed. I don't, but I do have OpenSSL (apparently My3G depends on it)
From what I read, SSH and SSL are similar. Should I change my root password? I just did, as a precaution.
Please forgive my ignorance!
Click to expand...
Yes, you were correct to change your password.
 
  • Like
Reactions: tys
I always change mine as soon as I install terminal. Just a habit from years of jailbreaking and install/delete ssh as I need it
 
Deetlebug89 said:
I always change mine as soon as I install terminal. Just a habit from years of jailbreaking and install/delete ssh as I need it
Click to expand...

I think it is dangerous not having ssh... if cydia breaks and you don't have ssh or terminal you are stranded. I always leave it installed and running :)
 
tys said:
After reading this thread, I checked to see if I have OpenSSH installed. I don't, but I do have OpenSSL (apparently My3G depends on it)
From what I read, SSH and SSL are similar. Should I change my root password? I just did, as a precaution.
Please forgive my ignorance!
Click to expand...

It doesn't hurt anything to change your password, but SSL and SSH are actually quite different (even though the first S stands for Secure in both acronyms). SSL is not based on password authentication like SSH. So if you only have OpenSSL installed and not OpenSSH, than there is no need to change the password
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back