JailbreakMe 3.0 and the iOS PDF flaw: Protect your business

Staying clear of PDF documents and making sure iOS users know not to jailbreak helps businesses avoid risks.

By Robert Dutt, PC World |  Security, ipad, iPhone

But it's important to note that the bug only pertains to the Safari Web browser--PDFs sent by mail and opened in a specific app capable of reading the file are not vulnerable in the same way. If your users can be trained in this difference and to recognize the danger signs, they should still be fine firing up PDF files in their favorite app.

But beyond avoiding PDF files, the flaw and the launch of JailbreakMe 3.0 bring back the ongoing debate of whether or not to jailbreak iOS devices. It's tempting, especially on personal devices, because of the range of software and capabilities not otherwise available through Apple-approved channels.

The Problem With Jailbreaking

But for the vast majority of businesses, the risks of jailbreaking the device far outweighs any potential personal benefits. There's the risk of accessing software that's from unknown and potentially untrusted sources. There's the risk of being unsupported: when devices are brought in for service, Apple checks for the software footprints of a jailbreak, and will deny warranty support if it finds them.

And then there's the risk of lost stability and longevity. At best, users who jailbreak devices will be stuck with the choice of upgrading to newer versions of iOS and getting new features, functionality, and fixes, or sticking with the current operating system and keeping their jailbreak apps. At worst, users can risk making their iDevice unusable.

Either way, it represents a support and policy challenge for any business, and it's wise to make sure users on iOS devices know that the company expects them to steer clear of any jailbreaking activities, and the reasons for which that policy in place.

The (Potential) Good of Jailbreaking

While it's certainly a long shot to say that businesses should encourage or even allow Jailbreaking of devices that are going to be used on the corporate network, the JailbreakMe.com exploit does point out the speed advantages of having a broad, passionate and open community of developers supporting a device.

While Apple is still working on its patch for the flaws in its OS, one of the developers of JailbreakMe has posted a new piece of software, PDF Patcher 2, which fixes the troubling PDF hole. The kicker? It's only available to those who have jailbroken their devices and therefore have access to the unofficial Cydia app store, a collection of repositories for applications for jailbroken phones.


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness