Exploit

iOS 4.3 untethered jailbreak exploit handed over to Dev-Team

By Allyson Kazmucha, Wednesday, Mar 30, 2011 a 11:45 am

Developer Stefan Essen recently demoed an iOS 4.3 untethered jailbreak exploit on video. Today on Twitter, he has stated that the exploit has been turned over to the iPhone Dev-Team. He stated when he released the demo video that he had no intention of releasing a jailbreak tool himself.

iPad 2 and iOS 4.3 state of the Jailbreak

By Allyson Kazmucha, Thursday, Mar 3, 2011 a 4:03 pm

Will I be able to Jailbreak iPad 2 running iOS 4.3 when it launches? Thats a question on a lot of user's minds. We already know the jailbreak community is working towards an iOS 4.3 jailbreak. What we "do" know is that a tool won't go official until iOS 4.3 is out of beta and in the hands of consumers. Most of the reason behind this is so Apple doesn't patch it in a last minute update.

SHAtter bootrom exploit possibly leaked, what it means for jailbreakers

By Allyson Kazmucha, Wednesday, Dec 22, 2010 a 11:35 pm

The SHAtter exploit found by pod2g appears to have been leaked. Who leaked it and for what reason is still unclear. What is clear is that Apple will certainly find a way to patch the hardware if it did in fact leak. When Limera1n was released, it kept the SHAtter bootrom exploit safe for future jailbreaks as it would require a complete hardware revision to be done by Apple.

SHAtter basically used a hardware exploit in the A4 series of devices (iPhone 4, iPad, AppleTV 2nd generation, and iPod Touch 4G). You can bet Apple will make a hardware revision to patch SHAtter. It seems there is some drama between some members of the jailbreak community over who actually "leaked" the SHAtter exploit.

@P0isixninja of the Chronic Dev Team is pointing a blame finger to @Musclenerd. As Musclenerd concentrates on unlocks, it seems unreasonable to think he'd leak an exploit he would need in order to create an unlock. Click through for a response to the drama from @comex, who claims if it doesn't stop, he'll just e-mail the exploit directly to Apple. Not good news for the jailbreak community.

Paypal for iPhone Wi-Fi exploit discovered, patched

By Allyson Kazmucha, Thursday, Nov 4, 2010 a 8:51 am

It seems a security hole in Paypal's iPhone app has been discovered that would allow hackers to access user's Paypal username and passwords over Wi-Fi. The "man-in-the-middle attack" let's the hacker come between the user input information and Paypal's servers. Although this is dangerous, it does require the hacker to be on the same Wi-Fi connection as the user in order to steal their information.

iOS 4.1 security flaw allows calls to be made on passcode locked iPhone

By Staff, Monday, Oct 25, 2010 a 7:51 pm

It looks as if there's yet another Phone.app security hole, this time in iOS 4.1 that allows someone to get around a passcode locked iPhone, gain access to the owner's contact list, make calls and send emails to anyone in said contact list. From MacStories:

Geohot exploit + Comex userland tools to keep Apple A4 iPhones Jailbroken and untethered Forever

By Staff, Saturday, Oct 16, 2010 a 3:28 pm

iPhone Dev Team's MuscleNerd has announced via twitter that Comex's Userland Tools can be used to keep all Apple A4 chipset-based, Jailbroken iPhones, iPod touches, and iPads untethered for all future firmware releases. Coupled with Geohot's limera1n exploit which will work on all current A4 devices for the duration of their lifespan, and iPhone Dev Teams custom pwnagetool which will keep your baseband unlockable, Jailbreakers can look forward to being up to date with all current firmware releases without any worry of losing their Jailbreak or Unlock status.

Apple to patch Jailbreakme.com, PDF font exploit in upcoming software update

By Rene Ritchie, Thursday, Aug 5, 2010 a 10:53 am

I think we all generally assumed this, but it's nice to see Apple going on record as saying they'll patch the PDF font exploit that currently allows Jailbreakme.com -- and potentially any malicious hacker out there -- to run code on an iPhone with just the tap of a web button. CNET scored the quote from an Apple spokeswoman:

"We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update."

Regarding Jailbreak, exploits, and maliciousness

By Rene Ritchie, Monday, Aug 2, 2010 a 7:38 pm

Last night during iPad live I ranted on about how a web-based Jailbreak, like the recent iPhone 4/iOS 4.x/iOS 3.2.x release showed a dangerous exploit that Apple needed to patch immediately before someone evil got a hold of it and began malicious attacks.

Black Hat: SMS Attacks Not Just for iPhones

By Rene Ritchie, Thursday, Jul 30, 2009 a 4:25 pm

Technologizer is reporting on the developing story on SMS attacks coming out of today's Black Hat Conference sessions. Seems like while the iPhone is grabbing a lot of attention, almost all GSM phones are said to be vulnerable. Basically, they get around the anti-spoofing security and send data designed to get access and take control of the phone.

On the iPhone specific side, however:

Charlie Miller to Demonstrate iPhone SMS Hack at Black Hat Conference Today

By Rene Ritchie, Thursday, Jul 30, 2009 a 6:46 am

UPDATE: Some folks are telling is that this is an iPhone 2.2.1 exploit already patched in

Almost a month ago we linked to an Engadget report on Charlie Miller and his SMS exploit for the iPhone. Well, today is the day he intends to show it off at the Black Hat conference.