iOS Jailbreakers Dig Up a Wormy Little Exploit
Jul 8, 2011 10:24 AM PT
Zero-day vulnerabilities in Apple's iOS that are used to jailbreak iPhones and iPads could also be used to access confidential information, according to the German Federal Office for Information Security.
The bug, exposed by a team of hackers at JailbreakMe.com, exploits vulnerabilities in PDF handling. It allows users of an Apple device running iOS version 4.3 through 4.3.3 to jailbreak an iPhone or iPad, giving the user a new level of control over the device. Typically, this is done in order to install apps that haven't been given the Apple seal of approval.
"While this allows users to run any apps they want, even those not reviewed by Apple, it is not without risk. In the past we have seen jailbreaks exploited to install banking malware on vulnerable systems. Essentially, this defeats the entire security posture of the device," Tim Armstrong, malware researcher at Kaspersky Lab, told MacNewsWorld.
In the wrong hands, the vulnerability could prove invasive.
"Had this exploit been released by a malicious party, it could have been used to hijack personal information on the device, install malware, surveil the user by tracking their GPS information, access the camera and/or microphone, or perform a myriad of other nefarious tasks," Jonathan Zdziarski, iPhone hacker and data forensics analyst, told MacNewsWorld.
Apparently the developers realize this is a more dangerous threat than other exploits, because the group released a fix in tandem with the jailbreak product.
"Usually the developers of these types of exploits do not concern themselves with larger security threats that come with this behavior. It is a sort of a 'buyer beware' type situation," Armstrong said.
Apple announced Thursday it will also be issuing a fix as soon as possible, according to The Wall Street Journal.
To Jailbreak or Not to Jailbreak?
In the meantime, users hoping to protect themselves run into a sticky security situation. First, users of the iPad or iPhone should stay away from unknown PDFs.
Also, users face the decision of whether or not to jailbreak their devices. Ironically, in this particular scenario, jailbreaking may be the only way a user can guarantee staying safe.
"Going to jailbreakme.com and jailbreaking their phone will not only fix the PDF vulnerability, but open their device up to a new world of legal freeware, shareware, and other great software just like your desktop," Zdziarski said.
Others say that while it's a good safety mechanism, jailbreaking can also open up a world of security concerns.
"It's a very difficult decision. If you choose not to jailbreak your device and install the additional patch, you remain vulnerable until Apple releases an official patch. On the other hand, if you jailbreak, you could possibly add additional security holes to your device," said Armstrong.
Jailbreaking one's phone may also void the device's warranty.
Security Concerns on the Rise
Security researchers urge both users and tech companies like Apple and their competitors to be increasingly vigilant as malware, security breaches and malicious hacking become more common in the digital world.
"There's no way to prevent every single security vulnerability, but Apple has been known to be lackadaisical in securing iOS. To many in the open source community, many of their approaches to security seem nonsensical and administratively lazy," Zdziarski said.
Others agree that on top of prevention, Apple needs to make it a priority to get fixes to users quickly.
"The most that companies like Apple can do is to follow coding and security best practices to make it as difficult as possible to engineer these types of exploits, and to patch them as quickly as they can once they're discovered," Armstrong told MacNewsWorld.
Another way the company can tighten its hold on security and keep iPhone and iPad users happy is to make sure it's not necessary to upgrade software every time a fix comes through.
"The best way Apple can prevent such vulnerabilities from becoming as big of an issue in the future ... is finding ways to deliver small operating system fixes without having to upgrade the device's firmware entirely. Can you imagine how often security vulnerabilities would get fixed if you had to reinstall [Mac OS X] Snow Leopard on your desktop every time there was a new fix?" said Zdziarski.