Last night during iPad live I ranted on about how a web-based Jailbreak, like the recent iPhone 4/iOS 4.x/iOS 3.2.x release showed a dangerous exploit that Apple needed to patch immediately before someone evil got a hold of it and began malicious attacks.
Is this different from any other Jailbreak? Yes and no. All Jailbreaks begin with an exploit -- a mistake in the software code -- that lets outside code get in and run on the device. But that code doesn't have to Jailbreak your iPhone, iPod touch, or iPad. It can do anything. It can paint your screen a lovely color, or it can steal or your personal information and beam it back to hacker HQ. Jailbreak good, virus or trojan bad, but the root of both is the same -- exploit that allows remote code execution. If a Jailbreak can get in, so to can presumably almost anything else.
Web-based exploits -- like one of the original iPhone 1.x Jailbreaks and now the recent iPhone 4, etc. Jailbreak -- are theoretically more dangerous because they're easier to trigger. You don't have to download and run a program or go through all the steps of putting your device in DFU mode. You just go to a website, maybe tap a few times, and boom, you're Jailbroken -- or boom, you're in a world of trouble.
Evildoers could conceivable make fake or compromised versions of *ra1n or Spirit, or whatnot -- that's one of the ways malware spreads in the PC and even Mac world. They could conceivably make infected versions of any Jailbreak or cracked app. And they sure could make fake versions or mirrors of web-based Jailbreak sites.
Should this scare you? Yes. The likelihood of a fake Jailbreak program is probably a lot lower than a fake Jailbreak website, or worse -- just a random website armed with the exploit.
Should Apple fix it immediately? Yes, even though they'll get accused of "shutting down Jailbreak" again. Zero-day, in the wild. This is as bad as it gets. Sure it's convenient and many people want an easy Jailbreak but this is just too easy to go way beyond Jailbreak.
Apple's not the fastest company on the planet when it comes to patching exploits, unfortunately, but hopefully this spurs them on to newer, faster, action.
In the meantime, if you're sophisticated enough to really examine what you click or tap before you download or activate something, if you know the source of what you've got, where exactly it comes from, and what precisely it's going to do before you use it, you're probably fine. If you're the one who's PC keeps getting infected from Limewire downloads and fring pr0n sites, then start being careful. Don't click or tap on random links, don't go to websites you don't trust.
Everything has a good and bad side. Nothing comes without a cost. Breaking into the root jail of an iPhone or iPad means you've stripped away Apple's signing system and sandbox. That can help you get useful customizations and controls, and it can help bad guys get your information.
UPDATE: There seems to be some confusion in the comments. This exploit is potentially dangerous whether you Jailbreak or not. Web-based, zero-day exploits in the wild are serious. Apple needs to patch it asap.
Editor's Desk: The iPod will always have a special place in our hearts
This week saw some crazy news, but none crazier than the death of the iPod.
Nintendo recap: Pokémon HOME will finally link with BDSP and PAL
We learned several things regarding various Pokémon games on both iOS and Nintendo Switch this week. Plus, Nintendo revealed its latest financial report showing us how well the system is doing five years into its life cycle.
Here are 15 shortcuts for Apple's iWork apps on both iOS and macOS
Pages, Keynote, and Numbers are built for Shortcuts on iPhone, iPad, and Mac — the new actions make accessing documents, creating templates, and even inserting data into spreadsheets. We've covered each action, built example shortcuts, and show you how to take advantage of iWork with the Shortcuts app.
iPhone doesn't have an SD card slot, but you can use a flash drive instead!
Having a flash drive that works with your iPhone is a great little accessory to have in your back pocket! Here are the best options for backing up your phone.