Apple IOS 4.3.4 Jailbroken Hours After Update

Posted by CmdrTaco
from the give-us-the-option dept.
Stoobalou writes "The cat and mouse game between Apple and the jailbreaking community continues unabated as an updated version of PwnageTool hits the web just hours after Apple updated its iOS mobile operating system to lock out the JailbreakMe PDF-based exploit."
  • Did you expect otherwise?

    In the words of Stanley Jobson, from the film Swordfish, "Nothing is impossible."

    Note: "There was an unknown error in the submission", constantly. I suspect you think this is spam, or the hamster in your wheel has died. So please let this post go through, comment system.

    • Re: (Score:3, Informative)

      Did you expect otherwise?

      Yesterday Slashdot's summary said the last update was to prevent jailbreaking. The article said it was to fix the PDF vulnerability. So, yes, you might expect otherwise if you weren't terribly well informed on the topic.

    • by rbrausse (1319883) on Monday July 18, 2011 @09:53AM (#36799446)

      Note: "There was an unknown error in the submission", constantly. I suspect you think this is spam

      nah, /. implemented Hotmail's ban of common passwords [slashdot.org] and "swordfish" is on the list...

      as a more serious remark: no, I didn't expect a different outcome of the update. It seems that Apple is way too exposed; the [add color]-hat scene has a new, interesting opponent - it is boring to hit guys already lying on the ground. But Apple fights like hell to keep their secrets secret, obviously irresistible for hackers.

      This reminds me of the PS3 debacle: The system was attacked after Sony removed the playground "other OS", I believe that a more open approach for iDevices (like store-independent software installation) would decrease the breaking attempts.

      • by ultranova (717540)

        But Apple fights like hell to keep their secrets secret, obviously irresistible for hackers.

        Apple doesn't fight to keep their secrets secret, it fights to sell you their iCake yet keep it too.

        Frankly, it's about time this idiocy stops. In no other business can you sell someone a device, then charge for its use. And the program industry with its "licensing" nonsense is even worse. Can't these creeps be dragged to the court and dealt with, so the industries can heal and start working according to the normal co

        • Frankly, it's about time this idiocy stops. In no other business can you sell someone a device, then charge for its use.

          I'm not sure what you mean. Assuming this isn't a general comment on charges for mobile phones... What charges for use?

        • by BitZtream (692029)

          Frankly, it's about time this idiocy stops. In no other business can you sell someone a device, then charge for its use.

          So at no point in your life have you ever seen a 'telephone' then, have you? You buy the phone then pay to use it; it's been that way since the government stepped in and stopped it from being you paid out the ass to lease a phone and out the ass to use it.

          • Ah, but wait. You only need to pay to use the telephone on someone's network - i.e. paying for service. You're free to take that telephone and hook it up to your own internal network and not pay a dime. You can take that telephone apart and use it for anything you want without paying any service - the only time you need to pay for service is when you want to use someone else's network.

        • by krizoitz (1856864)
          You mean like video game consoles, computers, etc. which all charge you for extra games/software? You mean like a car where you have to pay for gas in order to keep it running? Or perhaps a gallon of milk which requires you to purchase another gallon after you've used it? Apple sells you a device, after which you are free to do with it as you wish. However if you wish for it to continue to be supported then yes, you are more limited in what you can do. The difference between Apple and Sony is that Sony
          • by ultranova (717540)

            You mean like a car where you have to pay for gas in order to keep it running?

            Do you have to buy that gas from the manufacturer or through him? Is there something stopping you from using whatever additives you desire?

            But yes, cars are going in a worse direction: many newer ones are made intentionally difficult to service without the manufacturer's specialized tools. This is a trend that's noticeable elsewhere too: for example, consider printers with a challenge-response authentication for the printhead/ink

            • by krizoitz (1856864)
              You can do whatever you want with your iPhone after you buy it, doesn't mean Apple has to support or help you do it.
        • Just a side comment, but when they sell you a car, don't they tax you for the roads through gasoline? Isn't that 'charging for its use'?

          You can use a cellphone off network for zero charge. You'd have the equivalent of an iPod touch. Cellphones are devices that need a network to run, much like cars need roads to run, and thus you pay separate charges for the roads and for the device itself.

          There are countless other examples. You buy a TV, then pay to use cable. You buy a heater, then pay for fuel.

          While you

      • by macs4all (973270)

        This reminds me of the PS3 debacle: The system was attacked after Sony removed the playground "other OS", I believe that a more open approach for iDevices (like store-independent software installation) would decrease the breaking attempts.

        This is an interesting comment (for once); So I will give it a considered reply (that someone will instantly discount solely on the basis of my username). But anyway...

        While what you propose is a superficially sound idea, it does not bear up under scrutiny. Why? Because as soon as you "Tear Down These Walls", and allow "sideloading" (what an ignorant term!) of non-approved apps, there is instantly a problem, and it's one that all the Anti-Apple /. Users (Not to mention the legions of ACs...) must agree wi

        • So build a little tiny switch into the inside of the device, with a little hole for a pin to access it. By pressing that switch, you enable developer mode, which is open. Press it again and it goes back to locked mode.
          That way normal users can be secure in their walled garden, and power users can get what they want easily.
          It's the approach the Chromebooks are using, and I'm impressed. I, for one, won't buy a device I can't completely root (and that has an unlocked bootloader, for running custom OSes), but others m

    • by jo_ham (604554)

      Well, I expected a patch, but it wasn't to "stop jailbreaking" as much as Slashdot would like to think. It's not some Machiavellian plot to thwart homebrew, but a patch to close a gaping security hole (you know, what Apple gets flamed for "not doing quickly enough").

      Colour me unsurprised they patched a hole that allowed root escalation via the PDF handler. I would call that "due diligence", and it would be lauded by Slashdot if it were fixed by anyone except Apple.

  • by Anonymous Coward

    Tethered is much easier to do, and much less useful, since it requires re-doing it after every device reboot.

  • Dear hackers (Score:4, Interesting)

    by Anonymous Coward on Monday July 18, 2011 @09:37AM (#36799246)

    Thanks to your desire to run any software you wish, you're finding security holes for Apple, free of charge.

    Keep up the good work.

  • Although it did take /. longer to have the follow-up to this story [slashdot.org].
  • by Anonymous Coward on Monday July 18, 2011 @09:38AM (#36799256)

    No, this isn't a new jailbreak. It's an existing exploit which uses the same hardware exploit found by Geohot MONTHS ago. The exploit install software is now configured for the new iOS version, is all. This is why it's a TETHERED exploit, as the untethered exploit add-on no longer works in 4.3.4.

    Is anyone technical even working at Slashdot anymore?

    • by DavidTC (10147)

      No shit. The fact you used to be able to jailbreak your phone by visiting a website was not, in fact, a good thing. At all.

      I'm against all sorts of restrictions on devices sold to people. I'd even argue we should make it illegal to restrict them that way, although for safety we should perhaps require some sort of protected reflash to jailbreak them, so normal consumers don't have to worry about viruses.

      But, legally, people should be able to walk into an Apple store and demand root on their phone, and Appl

      • by FirstNoel (113932)

        Seconded...

        When people can get "root" on your PC from you visiting a website... that's bad...

        Why should your phone be any different?

      • by punit_r (1080185)

        That is my ideal world. Companies should not be allowed to keep control of devices they sell you. (Note this isn't the same as unlocking the phones, which I don't think they should have to do.)

        I'm curious. While you argue in favor of jailbreak as a right of the customers, you are not okay with unlock.

        Why is it okay for a company to disallow use of a product with any network? Once the customer has paid for the phone, it's his/her choice which network to use.

        • by DavidTC (10147)

          I'm not in favor of unlock because while normal people pay the termination fee (and thus should have their phone unlocked), you apparently don't know about the actual reason for locking phones.

          Specifically, people walk into AT&T stores with stolen credit cards, use that name, get an iPhone and a 'contract', and walk out and resell it.

          I'm all for requiring the phone company to unlock any phone that you've actually paid off, either with time or a termination fee. The thing is, they already do that.

          • by exomondo (1725132)

            Specifically, people walk into AT&T stores with stolen credit cards, use that name, get an iPhone and a 'contract', and walk out and resell it

            What bunch of complete and utter morons enter into an ongoing contract with someone that just has a credit card and no identification to back it up?! Their stupidity isn't a reason to impose that restriction on customers.

      • by sjames (1099)

        Why shouldn't they also have to unlock the phone? You're paying for it and the termination fees on a service contract assure you will pay for it even if you switch providers.

        • by DavidTC (10147)

          Because people steal iPhones. They pay for their contract with a bogus credit card, walk out of the store, and resell them.

          • by sjames (1099)

            That's between the crooks and their carriers. People steal all sorts of things from chewing gum on up to heavy equipment. That's not a valid reason to impair everyone's ownership of what they pay for.

            If the carriers would like to find a cooperative solution, perhaps they should agree to provide the unlocking codes themselves after enough payments have been made to satisfy them that the customer is legitimate and in return, we can cut them a little slack for the first few months.

          • by PReDiToR (687141)
            And they then get added to IMEI blacklists that make the phone useless.*

            Carrier locks have nothing to do with fraud or theft, unless it is fraud on the part of the carrier by making people use the phones they sold them on their generic network signal.

            * In the UK this happens. Does the other side of the pond use the IMEI database to make iPhones into iPod Touches too?
            • by DavidTC (10147)

              From what I understand, the IMEI blacklist is almost useless, because almost every phone has the ability to change IMEI numbers.

              • by PReDiToR (687141)
                Up to five years in jail in the UK stops a lot of people from doing it, that and it's actually quite hard to find the instructions on "nice" forums.
                • by DavidTC (10147)

                  Erm, yes, up to five years in jail stops 'legitimate owners' from doing it.

                  It really doesn't stop people who have stolen a phone.

      • by StikyPad (445176)

        The fact you used to be able to jailbreak your phone by visiting a website was not, in fact, a good thing.

        Mostly true, however I might add that these exploits will almost inevitably exist as long as software originates with humans. I'm glad we're seeing them used for "good" with jailbreaks rather than for evil. Comex could easily have offered his services to the highest eastern European bidder instead of releasing a jailbreak (with the caveat that the jailbreak may well install a trojan horse for all I kn

    • by ccguy (1116865)

      Is anyone technical even working at Slashdot anymore?

      Yes, but we still don't RTFA.

  • Tethered jailbreak (Score:5, Informative)

    by L4t3r4lu5 (1216702) on Monday July 18, 2011 @09:39AM (#36799264)
    This jailbreak requires you to have your phone connected to your computer at every reboot in order to root it, and root is lost if phone is rebooted without connecting to the computer.

    The PDF font handling vulnerability gave you perma-root (untethered) and could also be used as a drive-by exploit.

    In short, misleading title is misleading.
    • But once you have root, why can't you just change that?
      • I may have misused the term "root", as I use an Android phone (rooted, obviously :) ). "Jailbreaking" iOS may not be the same as permaroot, hence not being called "rooting", and if that's the case it's my fault for using the improper term.
        • by barzam (1808386)
          The term "root" is to be understood as "administrator rights". So once you have opened the PDF or whatever, your compromised phone downloads and installs another program that persists after the phone has rebooted. In turn, this program can keep sending those SMS or log your data or whatever it does.
        • by tlhIngan (30335)

          I may have misused the term "root", as I use an Android phone (rooted, obviously :) ). "Jailbreaking" iOS may not be the same as permaroot, hence not being called "rooting", and if that's the case it's my fault for using the improper term.

          No, you're correct. Jailbreaking gives you root. It refers to breaking out of the jail() that iOS puts on apps, and as a side effect, also gives you root.

          However, iOS has a few more security protections that make it harder to KEEP root. After all, Cydia and the like must r

          • by Myen (734499)

            Do you happen to know how the drive-by PDF exploit manages to keep root, then? I'm curious as I don't see how arbitrary code execution via a PDF vulnerability differs from arbitrary code execution via a cable - what sort of magic allows the former case to bypass the security checks that the latter can't duplicate?

    • by Dunbal (464142) *
      How often do you reboot your phone? And don't you want to connect it to your computer after you do anyway, to restore stuff?
      • by nabsltd (1313397)

        How often do you reboot your phone? And don't you want to connect it to your computer after you do anyway, to restore stuff?

        Why would you need to restore after a reboot?

        I don't restart my phone (Android) that much, but sometimes an app dies and leaves the phone in a less than desirable state (e.g., un-killable background tasks that eat the battery). I've never lost any data because of a restart.

        • by garaged (579941)

          Same thing with iPad, but it happens every 2-3 weeks, so it is not that annoying really. I updated to untether the jailbreak
          last weekend after some 6 months running on a tethered jailbreak, and I had rebooted at most 3 times in that amount of time.

          BTW the update was showing on iTunes since Saturday at least; I had to do a partial upgrade because of that.

      • Perhaps you misunderstand the meaning of reboot? I reboot my JB iPad all the time (Bluefire reader crashed the iPad after JB, back to Stanza which wasn't working properly before the JB, go figure). I have never had to restore anything after a "reboot".
      • Rebooting in this instance (and all instances, AFAIK) means to power off and back on. This is not a destructive process (wiping, flashing, recovering etc). The temporary jailbreak for 4.3.4 does not persist through the phone being powered off and back on.
      • by drinkypoo (153816)

        You must be thinking of older Windows Mobile devices from the era just before flash got cheap. They have only enough nonvolatile storage to hold the operating system and a handful of apps...

    • by Jim Hall (2985)

      > In short, misleading title is misleading.

      And old meme is old.
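The thread above turns on one detail: the untethered jailbreak rode in on a PDF font handling bug, which also made it a drive-by. What follows is an added example, not code from the article, from Slashdot or from any commenter, and not a signature for the specific bug (the page does not name the font format involved). It shows the cheap triage check a gateway or IR team can run on PDFs: surface every file that embeds a font program at all, including descriptors hidden inside compressed object streams. The PDF samples are constructed inline; the /FontFile, /FontFile2 and /FontFile3 keys are the standard PDF names for embedded Type 1, TrueType and CFF/OpenType programs.

```python
"""Flag PDFs that carry embedded font programs.

Added example (not the article's or any commenter's code). A PDF that embeds a
font hands the viewer's font parser attacker-controlled bytes, which is the kind
of surface the drive-by jailbreak discussed in the thread used. Font programs
live in streams referenced from a font descriptor by /FontFile (Type 1),
/FontFile2 (TrueType) or /FontFile3 (CFF/OpenType). Sample PDFs are constructed
inline below; they are not real files from anywhere.
"""
import re
import zlib

FONTFILE_RE = re.compile(rb"/(FontFile[23]?)\s+(\d+)\s+\d+\s+R")
OBJ_RE = re.compile(rb"(\d+)\s+\d+\s+obj(.*?)endobj", re.S)
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)

FONT_KINDS = {b"FontFile": "Type1", b"FontFile2": "TrueType", b"FontFile3": "CFF/OpenType"}


def _inflate_streams(data):
    """Yield the decompressed body of every FlateDecode stream.

    Object streams (/ObjStm) let a writer pack whole dictionaries, font
    descriptors included, into one compressed blob; a raw byte scan alone
    would never see the /FontFile key inside them.
    """
    for m in OBJ_RE.finditer(data):
        body = m.group(2)
        if b"/FlateDecode" not in body:
            continue
        sm = STREAM_RE.search(body)
        if not sm:
            continue
        try:
            yield zlib.decompress(sm.group(1))
        except zlib.error:
            continue  # damaged or non-zlib stream; a fuller scanner would flag this too


def embedded_fonts(pdf_bytes):
    """Return sorted (kind, object number) pairs for every embedded font program
    referenced in the PDF, scanning both the raw file and inflated streams."""
    found = []
    views = [pdf_bytes] + list(_inflate_streams(pdf_bytes))
    for view in views:
        for m in FONTFILE_RE.finditer(view):
            found.append((FONT_KINDS[m.group(1)], int(m.group(2))))
    return sorted(set(found))


def _pdf(objects):
    """Assemble a minimal, xref-less PDF from {object number: body}."""
    out = [b"%PDF-1.4\n"]
    for num, body in sorted(objects.items()):
        out.append(b"%d 0 obj\n%s\nendobj\n" % (num, body))
    out.append(b"%%EOF\n")
    return b"".join(out)


def _flate_stream(dict_entries, payload):
    """Build a stream object whose body is zlib-compressed."""
    data = zlib.compress(payload)
    return b"<< %s /Length %d /Filter /FlateDecode >>\nstream\n%s\nendstream" % (
        dict_entries, len(data), data)


# Constructed sample 1: text-only PDF using a standard (non-embedded) font.
PLAIN_PDF = _pdf({
    1: b"<< /Type /Catalog /Pages 2 0 R >>",
    2: b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
    3: b"<< /Type /Page /Parent 2 0 R /Resources << /Font << /F1 4 0 R >> >> >>",
    4: b"<< /Type /Font /Subtype /Type1 /BaseFont /Helvetica >>",
})

# Constructed sample 2: font descriptor pointing at an embedded Type 1 program.
FONT_PDF = _pdf({
    1: b"<< /Type /Catalog /Pages 2 0 R >>",
    2: b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
    3: b"<< /Type /Page /Parent 2 0 R /Resources << /Font << /F1 4 0 R >> >> >>",
    4: b"<< /Type /Font /Subtype /Type1 /BaseFont /Evil /FontDescriptor 5 0 R >>",
    5: b"<< /Type /FontDescriptor /FontName /Evil /FontFile 6 0 R >>",
    6: b"<< /Length 11 /Length1 11 >>\nstream\n%!PS-Adobe\nendstream",
})

# Constructed sample 3: the descriptor is hidden inside a compressed object stream,
# and the font program itself is a compressed CFF (/FontFile3, /Subtype /Type1C).
HIDDEN_PDF = _pdf({
    1: b"<< /Type /Catalog /Pages 2 0 R >>",
    7: _flate_stream(b"/Type /ObjStm /N 1 /First 4",
                     b"5 0 << /Type /FontDescriptor /FontName /Evil /FontFile3 6 0 R >>"),
    6: _flate_stream(b"/Subtype /Type1C", b"\x01\x00\x04\x02"),
})


if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_PDF), ("font", FONT_PDF), ("hidden", HIDDEN_PDF)):
        print(name, embedded_fonts(blob))
```

Treat a hit as a reason to render the file in a sandbox or to look closer, not as a block rule: most legitimately produced PDFs embed fonts, so the value of the check is in separating "PDF with no parser-facing font bytes" from "PDF that will exercise the font engine", and in catching the object-stream case that a plain grep for /FontFile misses. Encrypted PDFs and filters other than FlateDecode are outside what this example decodes.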

  • Is there anything that is quite as effective as bragging rights to drive innovation (besides Economics, of course)? I don't know if security on iOS could get any better faster if you didn't have a determined group trying to break it publicly.
    • by Slur (61510)

      ... and in what universe does any device go unmolested? That there are crackers is just a given at this point.

  • The relevant question is: How many days until they come up with an untethered break? I give it no more than 2 weeks, tops.

  • I guess "iOS 4.3.4 Prevents Hacking and Jailbreaking" wasn't true after all.

    • by PNutts (199112)

      I guess "iOS 4.3.4 Prevents Hacking and Jailbreaking" wasn't true after all.

      It was for about 12 hours...

      • by Slur (61510)

        Not so much. "iOS 4.3.4 prevents you from hacking or jailbreaking..." would be better.

  • It's a shame Sprint has abandoned the HPalm line. Hopefully it will gain traction on Verizon and AT&T. No 'jailbreaking' necessary. The platform is open and easy to modify to your heart's content. HP actively recognizes, encourages, and works with the homebrew community.

    http://www.webos-internals.org/wiki/Main_Page [webos-internals.org]

  • by SuperKendall (25149) on Monday July 18, 2011 @12:01PM (#36800778)

    In two separate stories now, it has been put forth that Apple pushed out this fix with the mustache-twirling intent to stop jailbreaking.

    Well obviously not, since the problem that lets tethered jailbreaking work is without issue. The REAL reason Apple "broke" untethered jailbreaking is that it was a gaping flaw in PDF handling that would let an attacker gain control of the system.

    I realize Slashdot has a more general readership these days, but surely anyone can see that leaving an exploit like that unpatched is bad. In fact other companies have been chastised for leaving holes like that open for too long, and rightfully so...

    So please let us drop the pretense that every security patch is Apple out to stop jailbreaking. Apple in fact does not really care if you jailbreak, and is using it covertly to see what new features might be good to add to the platform by viewing the experimental jailbreak community... sometimes not so covertly as the case of them hiring the guy who did jailbroken notification handling to fix notification handling in iOS5! I can't think of a clearer signal that jailbreaking has at least covert approval within Apple.

    • I agree. Considering how easy it is to jailbreak iOS devices and the original Apple TV, it seems obvious that Apple puts little effort into blocking hacks that require physical access to the device. Obviously, with the film and music industry on board, they can't make an open device. But with this "cat and mouse" game, the mouse will never win, and any attempt the cat makes to win (completely lock down the device) is doomed to fail. Look at Xbox, PS3 and Wii. It's better to be the cat in a cat-and-mou
      • by drinkypoo (153816)

        It's better to be the cat in a cat-and-mouse game than the hangman in a hangman game.

        Seems to me like that depends largely upon your point of view...

  • When I saw that the IOS 4.3.4 Un-jailbreakable! [slashdot.org] story was still on the front page when this came out. And remains there as of this writing.
