iPhone 4 (etc) drive-by unlock: friend or foe?

Stephen Withers
Wednesday, 04 August 2010 09:56

Your IT - Mobility

Security researchers are warning that a drive-by jailbreak for iOS 4 and earlier could be used to drop malware onto iPhones, iPads and iPod touches.

Jailbreaking the iPhone has been popular in some circles practically since the device was first released. While many owners are happy to use only software sanctioned by Apple and distributed through the App Store, others feel the level of control exerted by the company is unacceptable and jailbreak their iPhones in order to install software from other sources.

Jailbreaking is also a prerequisite to unofficially unlocking the handset so it can be used with other carriers. This aspect seems particularly relevant to US owners, as carriers in other parts of the world will unlock at little or no charge (or, in the case of Telstra, $A150).

A recent ruling by the US Library of Congress held that jailbreaking and carrier unlocking are 'fair uses'. There were previously suggestions that copyright law could be used to prohibit such modifications. The decision doesn't mean that vendors such as Apple are required to simplify such operations, only that they cannot use the DMCA against those who provide or use tools for these purposes.

A new web-based jailbreak for iOS 4 developed by the makes life easy for would-be jailbreakers, as all they need to do is visit a certain web page developed by someone that goes by the name of 'comex' on Twitter.

According to Symantec's Kevin Haley, the jailbreak exploits two vulnerabilities, one in Safari's handling of PDF files to get the code onto the device, and a second to obtain root privileges. He warned "it is quite possible for an attacker to alter the existing payload for a malicious purpose."

CONTINUED