Apple quietly drops iOS jailbreak detection API

By , Network World |  Mobile & Wireless, Axios Sytems, iphone jailbreak

Apple has disabled, without explanation, a jailbreak detection API in iOS less than six months after introducing it. Device management vendors say the reasons for the decision are a mystery, but insist they can use alternatives to discover if an iPhone, iPod touch or iPad has been modified so they can load and modify applications outside of Apple's iTunes-based App Store.

Jailbroken devices pose a serious security threat to the enterprise. Even if the end user doesn't intend to load malware, he will be completely unaware of malware present in unauthorized apps.

Managing smartphones calls for new realism and flexibility

Apple declined to comment.

The new API was part of a bundle of mobile device management (MDM) APIs released in June with iOS 4.0. These APIs were available to third-party MDM applications, such as AirWatch or Sybase's Afaria. With the new APIs, these servers could access directly a range of features and information in iOS or on the device. But in the recently-released 4.2 version, the API intended for detecting jailbreaks has been either removed or disabled.

This detection API let the MDM applications in effect ask the operating system if it had been compromised. Jailbreak exploits typically change a number of operating system files, and exploit one or another low-level OS features to let users directly load their own or third-party applications. In October 2010, two separate jailbreaks made use of different vulnerabilities uncovered in the iOS boot ROM, for example. Apple warns that jailbreaking voids the device's warranty and could damage the phone.

Previously, some MDM vendors had created their own series of OS checks to detect jailbreaks, analogous to those performed by an anti-virus application on a PC, to discover if a jailbreak had occurred.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness