It’s quite a neat implementation, it appears the new iOS update with iBooks dropped an un-signed application on the phone and tries to run it – if it executes it assumes the device is jailbroken and throws and error. This is true even for legitimate content you’ve purchased from iTunes..
Apple has opened a new chapter in its campaign against hackers with a feature that prevents jailbroken iDevices from accessing iBooks.
According to the Social Apples blog, iPhones and iPads running the latest iOS firmware contain a “jailbreak check” that automatically detects when the devices have been unlocked using the greenpois0n jailbreak kit. Jailbroken devices that attempt to load content using the iBooks application – even legally acquired e-books – display an error message that reads: “There is a problem with the configuration of your iPhone. Please restore with iTunes and reinstall iBooks.”
“Comex,” a hacker with the iPhone Dev Team, said in a Twitter post that “iBooks drops an improperly signed binary, tries to execute it, and if it works concludes that the device is jailbroken and refuses to open the book.”
Apple are in a tough spot as the courts have already ruled that jailbreaking your own iPhone is legal so they can’t try and get the coders behind the jailbreaks arrested/sued/disrupted – like Sony did in the recent Geohot case.
It’ll be interesting to see if they take this technique any further and use it to disable the whole phone? Perhaps they legally can’t do that, but they can disable access to iTunes/iBooks and so on. Either way I’m pretty sure there are a bunch of hackers out there right now working on a way to crack it.
Apple finds itself in the same predicament as Sony, maker of the PlayStation 3 game console. Both companies want to control what software customers can run on their consoles to boost sales of authorized titles and prevent potential piracy. Unlike Sony, which hauled more than 100 jailbreakers into federal court, Apple is largely barred from taking legal action, thanks to a move last year by the US Copyright Office exempting jailbreaking from the Digital Millennium Copyright Act.
The report comes on the heels of a recent announcement that greenpois0n is now able to apply an untethered jailbreak to second-generation AppleTVs. Untethered jailbreaks are the preferred method of unshackling iDevices since the change persists even after they are rebooted. It’s still not clear exactly what can be done with a jailbroken AppleTV. One option is to run NitoTV, a user interface that loads playlists and displays weather forecasts. It’s automatically installed when greenpois0n is run.
Sony can (sadly) continue taking action against people who hack their consoles, Apple thankfully cannot – however I’m pretty sure they are going to continue trying to find ways to block/annoy jailbreakers.
We wrote about the original AppleTV jailbreak quite some time back and there has been recent news that second-generation AppleTVs are now vulnerable to untethered jailbreaks from greenpoisOn too.
Source: The Register
- Fitbit Vulnerability Means Your Tracker Could Spread Malware
- OWASP WebGoat – Deliberately Insecure Web Application
- WinRAR Vulnerability Is Complete Bullshit
- Untethered Userland Jailbreak For iPhone 3.1.3 & iPad 3.2 Has Arrived
- JailBreaking AppleTV Running on iOS 4.1 – iPad/iPhone 4 Jailbreak Soon?
- PwnageTool 4.01 Released – Jailbreak For iPhone & iPod Firmware 4.0 (iOS4)
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 232,355 views
- AJAX: Is your application secure enough? - 119,746 views
- eEye Launches 0-Day Exploit Tracker - 85,318 views