Apple Adds greenpois0n Jailbreak Detection to iBooks Software

Apple has pulled out some new tricks in it’s war against the unstoppable jailbreak machine, this time leveraging on the iBooks application.

It’s quite a neat implementation, it appears the new iOS update with iBooks dropped an un-signed application on the phone and tries to run it – if it executes it assumes the device is jailbroken and throws and error. This is true even for legitimate content you’ve purchased from iTunes..

Apple has opened a new chapter in its campaign against hackers with a feature that prevents jailbroken iDevices from accessing iBooks.

According to the Social Apples blog, iPhones and iPads running the latest iOS firmware contain a “jailbreak check” that automatically detects when the devices have been unlocked using the greenpois0n jailbreak kit. Jailbroken devices that attempt to load content using the iBooks application – even legally acquired e-books – display an error message that reads: “There is a problem with the configuration of your iPhone. Please restore with iTunes and reinstall iBooks.”

“Comex,” a hacker with the iPhone Dev Team, said in a Twitter post that “iBooks drops an improperly signed binary, tries to execute it, and if it works concludes that the device is jailbroken and refuses to open the book.”

Apple are in a tough spot as the courts have already ruled that jailbreaking your own iPhone is legal so they can’t try and get the coders behind the jailbreaks arrested/sued/disrupted – like Sony did in the recent Geohot case.

It’ll be interesting to see if they take this technique any further and use it to disable the whole phone? Perhaps they legally can’t do that, but they can disable access to iTunes/iBooks and so on. Either way I’m pretty sure there are a bunch of hackers out there right now working on a way to crack it.

Apple finds itself in the same predicament as Sony, maker of the PlayStation 3 game console. Both companies want to control what software customers can run on their consoles to boost sales of authorized titles and prevent potential piracy. Unlike Sony, which hauled more than 100 jailbreakers into federal court, Apple is largely barred from taking legal action, thanks to a move last year by the US Copyright Office exempting jailbreaking from the Digital Millennium Copyright Act.

The report comes on the heels of a recent announcement that greenpois0n is now able to apply an untethered jailbreak to second-generation AppleTVs. Untethered jailbreaks are the preferred method of unshackling iDevices since the change persists even after they are rebooted. It’s still not clear exactly what can be done with a jailbroken AppleTV. One option is to run NitoTV, a user interface that loads playlists and displays weather forecasts. It’s automatically installed when greenpois0n is run.

Sony can (sadly) continue taking action against people who hack their consoles, Apple thankfully cannot – however I’m pretty sure they are going to continue trying to find ways to block/annoy jailbreakers.

We wrote about the original AppleTV jailbreak quite some time back and there has been recent news that second-generation AppleTVs are now vulnerable to untethered jailbreaks from greenpoisOn too.

Source: The Register

Posted in: Exploits/Vulnerabilities, Hacking News

, , ,

Latest Posts:

tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.

3 Responses to Apple Adds greenpois0n Jailbreak Detection to iBooks Software

  1. DazzaJ February 16, 2011 at 10:05 pm #

    And again, Apple is trying with great success to push away customers.
    This idea of controlling everything with a communistic ideas and dictatorship type rule will always be Apples downfall. They’ll always have their little “sheep” to top up the coffers, but eventually even some of those will get tired of being used and abused again and again and again.

  2. Phil February 20, 2011 at 5:14 pm #

    I haven’t tried to jailbreak mine yet. I hope Apple will not detect mine if I will jailbreak.

  3. Robert February 24, 2011 at 2:59 pm #

    It’s sad to osay the least. Steve Wozniak has always been frank about hacking. He’s basically said repeatedly in other words that you can’t take the hacker out of a hacker or even worse fight others into not-hacking your OS. Nonetheless Saurik tweet once in hos words that there is no point in having an open OS (referring to Android) when you had to mantain so much code to keep up with the different hardware. Saurik at some point left his interest with Cydia and then joined with Rock. So far they are doing very well with Cydia. In a way I still believe tightness b/w the OS and the hardware is something Linux has been fighting for years and come a long long way of great improvements… but it is the main reason why many choose OS X over linux. Can free software be better than paid software? We know a free browser that can certainly become better but a browser doesn’t have the peripheral issues a whole OS has. Major PC brand vendors tried selling linux ready PC’s but the driver support hasn’t been really met expectations. So bottom line we just can’t demonize a company for being jealous of their software/hardware.