iPhone 4 jailbreak app goes live

Simon · Aug 03, 2010, 09:42:59

It's the message tones, not the ringtone, Lance, particularly the email alert, which is very quiet, and there's no on screen notification either, when the phone is in standby.

Glenn · Aug 03, 2010, 17:52:35

http://www.theregister.co.uk/2010/08/03/ios_jailbreak_howdunnit/

It's a PDF hack apparently

Rik · Aug 03, 2010, 17:55:01

The PDF being used for illicit purposes again... I never thought, when I worked for Adobe, that I'd read about corrupted fonts being used to unlock/infect machines.

pctech · Aug 03, 2010, 18:15:13

They'll try anything it seems.

Rik · Aug 03, 2010, 18:19:24

I know. It makes you want to go back to DOS and the command line, doesn't it.

pctech · Aug 03, 2010, 19:02:13

Definitely.

Simon · Aug 04, 2010, 22:42:54

Security flaw in Apple iPhones gives hackers control

The same flaw used to jailbreak Apple's iPhone and iPad could allow hackers to enslave the mobile devices, according to security firms.

The PDF flaw affects Apple's iOS, which also runs the iPod Touch, and could allow hackers to take complete control of a vulnerable device.

"Two vulnerabilities have been identified in Apple iOS for iPhone, iPad and iPod, which could be exploited by remote attackers to take complete control of a vulnerable device," said McAfee's David Marcus on the company's blog.

"The first issue is caused by a memory corruption error when processing Compact Font Format (CFF) data within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page using Mobile Safari," he said.

"The second vulnerability is caused by an error in the kernel, which could allow attackers to gain elevated privileges and bypass sandbox restrictions."

According to McAfee's Marcus, these flaws were the same ones used by Jailbreakme to remotely jailbreak Apple devices.

More: http://www.pcpro.co.uk/news/security/360031/security-flaw-in-apple-iphones-gives-hackers-control

Rik · Aug 05, 2010, 09:33:27

The PDF has not quite worked out the way Adobe planned it.

Technical Ben · Aug 05, 2010, 16:47:42

Well, at least it's not as bad as flash... oh wait.

Rik · Aug 05, 2010, 17:00:52

pctech · Aug 06, 2010, 13:53:14

Not quite sure why Adobe acquired Macromedia

Rik · Aug 06, 2010, 16:13:29

To stifle opposition?

Steve · Aug 15, 2010, 17:36:55

Well I bit the bullet and all seems well, trialing use the iPhone has a wifi hotspot

Rik · Aug 15, 2010, 17:43:54

Glenn · Aug 15, 2010, 17:59:37

Is your MiFi not working, Steve?

Steve · Aug 15, 2010, 18:10:24

It is Glenn, but there is the odd location at work were I can't get a Three data connection , so MyWI is free for 10 days so I thought I'll give it a try

TheMonkey · Aug 16, 2010, 16:11:04

FYI

The new Apple update (4.02) Fixes this issue by the way so be careful.

Steve · Aug 16, 2010, 17:00:02

I agree 4.02 closes the off the potential pdf exploit so no jailbreak possible but cydia also have a patch to close the exploit once jailbroken. I also managed to change the root password via ssh.

Rik · Aug 16, 2010, 17:07:14

I just phoned home.

Simon · Aug 16, 2010, 17:12:48

Excuse the ignorance, but is it still possible to jailbreak these now, or not?

Rik · Aug 16, 2010, 17:16:57

You call that ignorance, I got lost on page 1.

Simon · Aug 16, 2010, 17:17:53

Glenn · Aug 16, 2010, 17:25:20

Quote from: Simon on Aug 16, 2010, 17:12:48
Excuse the ignorance, but is it still possible to jailbreak these now, or not?

Not using Jailbreakme afaik

Steve · Aug 16, 2010, 17:33:57

If you've updated to 4.02 the answer is no,anything less you can. Although if you saved your SHSH blobs prior to updating to 4.02 you can go back to an earlier version i.e 4.02 to 4.01. The 4.02 was Apple's response to the pdf exploit so is of very little use anyway.

http://www.redmondpie.com/how-to-save-iphone-4-shsh-blobs-ecid-shsh-on-ios-4/

Simon · Aug 16, 2010, 18:25:29

I tend to dispose of all my blobs.