JailbreakMe Exploits Serious iPhone Security Flaw

JailbreakMe raises the issue that malicious attacks might also be able to compromise the iPhone as easily.

By Tony Bradley, PC World |  Security, iPhone, jailbreaking

JailbreakMe makes the process of jailbreaking the Apple iPhone much simpler and less intimidating. Just visit a Web site on the iPhone, and voila! Jailbroken iPhone. Think about that for a minute, though. The simple act of visiting a Web site is able to fundamentally alter the core functionality of iOS.

Since the dawn of the iPhone, hackers have developed various tools and processes to enable users to circumvent the controls and restrictions put in place by Apple. In the wake of the United States Copyright Office ruling that jailbreaking the iPhone is technically legal--at least from a copyright and DMCA (Digital Millennium Copyright Act) perspective--having a tool that can accomplish it simply by visiting a Web site is awesome for less technically savvy iPhone owners.

However, if JailbreakMe is capable of unlocking the iPhone operating system by taking advantage of a flaw in the way the iPhone renders Adobe PDF files, then other applications can also exploit that same flaw for less-benevolent goals. What JailbreakMe illustrates is that the iPhone has a serious security issue that Apple needs to address.

For companies that allow the iPhone to connect with network resources, or that have embraced the iPhone as the business smartphone of choice, both the JailbreakMe tool itself, as well as any other malicious attacks that might circumvent iOS controls using the same method represent a security concern.

IT admins can use a tool like MAD (Mobile Active Defense) for the iPhone to monitor and enforce security policy on iPhones. Winn Schwartau, chairman of M.A.D. Partners, LLC--developers of Mobile Active Defense--explains that, with jailbreaking, "iPhone users can now download apps from anywhere they choose, not just the iTunes store. This signifies a far greater risk to companies who are trying to leverage the unique capabilities of the Apple platform. But, Mobile Active Defense provides a strong, workable and automatic solution that solves the jailbreaking problem on corporate networks."


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness