Apple Seeking iPhone OS Platform Security Manager: What does this mean for Jailbreaking?
Apple is currently hiring and is in search of an iPhone OS platform security manager. What does the particular job consist of? Here is the low down:
The team is responsible for secure booting and installation of the OS, partitioning and hardening of security domains within the OS, cryptographic services, and risk analysis of security threats. The team is made up of a variety of security experts with backgrounds in system security and reverse engineering.
The more secure Apple makes the OS the harder it will become to find and use a particular exploit -- for good, like our beloved jailbreak, or for evil, like we've seen with computer viruses, malware, etc.
Now don't get us wrong, we are pretty sure that one person will not do away with our beloved jailbreak but this does raise some questions. Is Apple really concerned popular mobile devices will get attacked the way PCs do today? Or are they just done putting the practice of preventing jailbreaking (and the unlocking and app piracy that sometimes goes with it) on the back burner?
What do you think this may mean for the future of the jailbreak if anything? Sound off in the comments below!
[Job listing via Ars]
| Tweet |
|
|
Next up →
iPhone in China -- Only 5000 Served?Leave a Reply
Note: Comments must be civil, respectful, and on-topic. If a comment does not add to the conversation, if it contains spam advertising, or inappropriate language or content, it will be removed. Insulting the topic, author, staff, site, network, or other commenters will result in the comment being marked as spam and potential prevent future comments from appearing on the site. Do not post as a business or your comment will likely be confused with spam. Comments containing links may be held for moderation. Relax, enjoy, and share in the discussion.
Maybe they should try to hire @Geohot for six figures. Making a jailbreak proof iPhone just doesn't seem likely anytime in the near future. Certainly it has to be too late to add it to the new 4th generation coming this summer.
Seems to me that theyre trying to prevent the jailbreak.Hmm well theyre no where close to it.Theres people out there who still know how to do.Look at geohot hes done it.But i wonder whats taking the devteam so long??
Well sounds bad bur I'm sure someone will find that exploit and give the jb cummunity another chance
Good. The jailbreaking community these days are just pirates... No loss if they disappear onto another platform.
I think lots of complains will come if Apple can truly disable jailbreaking. Unless of course, iPhone is no longer exclusive to just one career.
If I can no longer jailbreak my iPhone I would get a Droid instead.
One thing I have to say. If Apple makes the iPhone more customizable then this things (jailbreaking) won't be happening.
@frog - Don't be a hater because your iPhone is inferior to mine since it is locked out from so many great features the device is capable of that Apple has deemed unimportant.
@john - I will be in line right next to you. 100,000 apps is a huge number, but what good are music apps that stop playing music when you attempt to reply to a text?
"Good. The jailbreaking community these days are just pirates… No loss if they disappear onto another platform."
@Frog
And why is that? Sure, everyone is entitled to their opinion, no matter how arrogant and nonsensical it is. Just because there are those (many, I might add) of us who choose to expand on the functionality of our devices and have to do so through an alternative measure as the creators of these otherwise wonderful devices feel it necessary to continue to make it an incredibly closed source system...we are pirates?
Just because I downloaded free programs and/or appropriately paid for programs that allow me to view my calendar entries on my lock screen; get notifications of new messages on my status bar; have pictures next to my contacts names in my contact list; and have less mundane toggle-style controls for my wi-fi, 3G, etc from my home screen; which, by the way has (heaven forbid!!!) my own chosen wallpaper background and five icons per row and on my dock...I'm a pirate?
Yes, some of the people who jb take advantage and DO pirate apps, media, and whatever else. But certainly not everyone...which again leads me back full circle to your statement being either severely misinformed, or extremely ignorant, arrogant, untrue, and pointless.
Dumb***
Why aren't iPhones already as sercure as macs ? They already have people made mac OS , why not use those same people to secure the iPhone OS.
There will never be an un-hackable solution. The iPhone will always be able to be hacked someway, somehow. All Apple can do is slow the process down. And if for some miracle by Apple they manage to ever fully lock out the iPhone and not allow some type of user customization and for christ sake multitasking..... they will loose A LOT of customers.
@John I already am getting a Droid. I mean you have to try it out right?
I am jailbroken and I haven't "pirated" a thing. All my apps are paid for or are free from the developer. Why am I jailbroken? Simple. Backgrounder, iPhoneModem, MobileTerminal and themes.
I'm with everybody else. If Apple somehow successfully locks down the iPhone where there was no more jailbreaking, I would leave to a Android device.
You know i was thinking the very same thing as iphoneidiot, Mr Jobs should offer geohot the position along with the dev team but then we'd all become WinMo users blah blah blah
@OmariJames
As its performance at pwn2own and other conferences show, the Mac is neither totally "secure" nor immune from exploits. Part of the Mac's reputation for security stems from the fact that few bad guys will fiddle with the locks on 5% of the market, when the doors are wide open on the other 95%. Mac security is not bad mind you, and the iPhone is likely at least as secure, but what has worked for the Mac will not be enough for the iPhone.
However, where on the desktop we Mac users could hide in the shadow and watch the 800 pound gorilla take all the fire, in the mobile market the iPhone is the 800 pound gorilla, and will draw the most fire. With this move, Apple is recognizing that with the iPhone's dominant market position, trusting in a low profile is not enough, and they had better step their security game up a notch.
I love my iPhone jailbroken, but if or when the day comes that I can no longer jailbreak, it'll be okay with me. No big deal. I can live with the iPhone out of the box if I have to. My day doesn't revolve around my iPhone like some other people. There are far more important problems in the world than having to go into the Settings app, or not having Backgrounder.
This is a great opportunity for someone to infiltrate Apple an make sure jailbreakers always have a back door. Any takers?
I agree with Chris M that there is no unhackable mousetrap . . . er, system. But I think there is a very real concern at Apple that the iPhone will become the target of malware, viruses, etc. for that very reason. Apple rightly sees the platform as a personal computer and not as a 'phone' and as the number of units (they're selling nearly 1,000,000 of these puppies a day) grows, so does the threat of a single attack having a profound impact on us all.
I see this being more of a response to cracked apps but JB just gets affected indirectly. I don't think they care about JB users deep down because the user has already paid money for the phone and the carrier's services. However if more and more apps become pirated that cuts into revenue that would have been theirs. I've always said the one thing iPhone users can boast about is the amazing amount of apps available so combating the piracy I support that. The concern about viruses and malware would be funny if it was a concern since they have less concern about those thing on the Mac OS so for something wayyyyy newer it just seems ironic to me. However like anything else virus and malware creators aim for whatever has the largest impact and biggest usage. The only problem they will run into is whatever a human creates, a human can break so although it may be harder I think other exploits will be found.
By then we'll all be using Android anyway!
@Fassy:
This is largely a restatement of Bill Gates FUD.
It goes something like this:
The truth of the matter is more like this:
Linux, and to a lesser degree Mac systems are much harder to attack than windows for a whole variety of reasons, some of which I am sure you are aware, others maybe not.
The iPhone is immune from attack for the most part UNTIL clueless Jailbreakers (and certainly not all jailbreakers are clueless) install ssh and fail to do even the most rudimentary thing to protect the phone. There was a story here on TiPb just the other day about this.
Apple doesn't care much about security. They DO care about money. The Pirates have pissed off the Accounting department.
The best bet would be to find a way to fight piracy without pissing off your customers, (even jailbreakers are customers). But I bet Jobs' personality does not lend itself to this approach, and the iron fist will come down on jailbreakers.
@Frog
that is an incredibly close-minded and ignorant statement you just made.
Go take a look at the jailbreak forum here, or on HoFo, or any other iPhone site, they do NOT tolerate discussion of cracked apps. You will find myself, mods, and several other jailbroken members get pretty heated when someone even mentions cracked apps, not to mention that the mods come down with the ban hammer on those who do discuss pirating.
We all understand devs put in their time and worth. TiPb posted a blog a few days ago talking about how the MOST app purchases actually come from people who ARE jailbroken. Make sense of that out of your ignorant statement. We know how to use our phones to their full potential, it doesn't mean we are pirates. If an app will be useful to me, I'll buy it. Point blank. And probably over 90% of other jailbreakers feel the same.
The actual percentage of people who jailbreak to pirate apps is very small compared to those who just want the functionality jailbreaking offers. God forbid I want my own custom wallpaper instead of a boring black one and want to change the color of my chatbubbles. I'm so terrible.
Anything that can be locked can be unlocked. Period. It doesn't matter how much time they put into this. There will always be a way to open up our iPhones and let us use them OUR way. However, it might take some recruitment on the part of the Dev Team. Those guys are talented, but we might be moving into the next level of battle. Honestly, the added functionality I get through jailbreaking this the only reason I use an iPhone. You hearing me Apple? The iPhone is a nice platform and the tools I can get through Cydia are what's keeping me. Not another fart generator.
@icebike
You misunderstand me. I never said that Macs are easier to hack than Windows machines -- my first analogy even portrayed Macs with locks and Windows with an door open. I am fully aware of the fundamental differences between Windows and *nix based systems when it comes to security. Yes, Windows is easy to compromise. No argument there.
However, you do not give the network effect nearly enough credit when it comes to cracking Windows. Think of it as the cracker equivalent of OSS development -- the more eyeballs on the problem, the more rapidly the field advances. They bigger payoff attracts more, and more professional, bad guys to the Windows party. Do I have proof? No -- but it is worth noting that at pwn2own and similar conferences where the prize is equivalent across platforms, Macs tend to be compromised in similar timeframes as Windows machines. On the desktop Mac, Apple has been able to get away with not implementing features like ASLR in part in part because the *nix foundations make it harder for a script kiddie to get in where the lack of ASLR would pose a problem, but also in part because there are far fewer motivated people actively trying to get in.
The rest of your post should begin "The iPhone is immune from attack as far as you know for the most part..."
The SMS exploit in 2.2.1 did not require jailbreaking, much less SSH, but it was there, and the iPhone platform was vulnerable. The fact nobody (publicly) was aware before Charlie Miller demonstrated it did not mean the exploit did not exist. I doubt there is a similar vulnerability out there in 3.x, but it is silly to claim that the platform is "immune" because one has yet to surface.
The iPhone is a victim of its own success (true for nearly every platform except...RIM?).
As the phone grows and grows, its only going to get worse. Apple has failed at every attempt to make the iPhone secure (as long as it keeps its OSX base, it will continue to be compromised, via jailbreak or any exploit) and i feel this is really going to be more common as smartphone sales continue to explode and the phones practically become pocket computers.
I doubt apple would lose much business if the iPhone were jb proof. Sure alot of you will scream like a five year old in the grocery store that can't have the candy they want. But when it came down to it most would keep their precious iPhone.
I for one am a huge fan of the closed ecosystem. Me and most average Americans have no business rooting around in computer code. I want a phone that works flawlessly and I want it easy to use and I dont want to have to have a degree just to learn how to use it. Cracking the platform invites too many potential problems that I am ill equiped to deal with.
So yes. I support Apple's big push on security. I hope this phone gets locked down tighter than a knats bunghole!
This is kind of a joke, right?! Does Apple worry about "jailbreaking" or "unlocking" Mac computers? No. Why should iPhone/iPod Touch be ANY different?
Consumers want to do as they wish with devices THEY paid for...
http://blackra1n.com/ is one such tool enabling such freedom...
Last
I'm about to buy a copy of the pro version of Simpleviewer, but it'd be great if you offered an easily customisable branding element with a customisable link back to the site where it's hosted. Unless I'm missing something, if I wanted to add a personally branded link in, I'd need to edit the original Flash file. It'd be nice if that were a bit easier.