Apple Adds greenpois0n Jailbreak Detection to iBooks Software

The New Acunetix V12 Engine

Apple has pulled out some new tricks in it’s war against the unstoppable jailbreak machine, this time leveraging on the iBooks application.

It’s quite a neat implementation, it appears the new iOS update with iBooks dropped an un-signed application on the phone and tries to run it – if it executes it assumes the device is jailbroken and throws and error. This is true even for legitimate content you’ve purchased from iTunes..

Apple has opened a new chapter in its campaign against hackers with a feature that prevents jailbroken iDevices from accessing iBooks.

According to the Social Apples blog, iPhones and iPads running the latest iOS firmware contain a “jailbreak check” that automatically detects when the devices have been unlocked using the greenpois0n jailbreak kit. Jailbroken devices that attempt to load content using the iBooks application – even legally acquired e-books – display an error message that reads: “There is a problem with the configuration of your iPhone. Please restore with iTunes and reinstall iBooks.”

“Comex,” a hacker with the iPhone Dev Team, said in a Twitter post that “iBooks drops an improperly signed binary, tries to execute it, and if it works concludes that the device is jailbroken and refuses to open the book.”

Apple are in a tough spot as the courts have already ruled that jailbreaking your own iPhone is legal so they can’t try and get the coders behind the jailbreaks arrested/sued/disrupted – like Sony did in the recent Geohot case.

It’ll be interesting to see if they take this technique any further and use it to disable the whole phone? Perhaps they legally can’t do that, but they can disable access to iTunes/iBooks and so on. Either way I’m pretty sure there are a bunch of hackers out there right now working on a way to crack it.

Apple finds itself in the same predicament as Sony, maker of the PlayStation 3 game console. Both companies want to control what software customers can run on their consoles to boost sales of authorized titles and prevent potential piracy. Unlike Sony, which hauled more than 100 jailbreakers into federal court, Apple is largely barred from taking legal action, thanks to a move last year by the US Copyright Office exempting jailbreaking from the Digital Millennium Copyright Act.

The report comes on the heels of a recent announcement that greenpois0n is now able to apply an untethered jailbreak to second-generation AppleTVs. Untethered jailbreaks are the preferred method of unshackling iDevices since the change persists even after they are rebooted. It’s still not clear exactly what can be done with a jailbroken AppleTV. One option is to run NitoTV, a user interface that loads playlists and displays weather forecasts. It’s automatically installed when greenpois0n is run.

Sony can (sadly) continue taking action against people who hack their consoles, Apple thankfully cannot – however I’m pretty sure they are going to continue trying to find ways to block/annoy jailbreakers.

We wrote about the original AppleTV jailbreak quite some time back and there has been recent news that second-generation AppleTVs are now vulnerable to untethered jailbreaks from greenpoisOn too.

Source: The Register

Posted in: Exploits/Vulnerabilities, Hacking News

, , ,

Latest Posts:

Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds. - Test SSL Security Including Ciphers, Protocols & Detect Flaws – Test SSL Security Including Ciphers, Protocols & Detect Flaws is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

3 Responses to Apple Adds greenpois0n Jailbreak Detection to iBooks Software

  1. DazzaJ February 16, 2011 at 10:05 pm #

    And again, Apple is trying with great success to push away customers.
    This idea of controlling everything with a communistic ideas and dictatorship type rule will always be Apples downfall. They’ll always have their little “sheep” to top up the coffers, but eventually even some of those will get tired of being used and abused again and again and again.

  2. Phil February 20, 2011 at 5:14 pm #

    I haven’t tried to jailbreak mine yet. I hope Apple will not detect mine if I will jailbreak.

  3. Robert February 24, 2011 at 2:59 pm #

    It’s sad to osay the least. Steve Wozniak has always been frank about hacking. He’s basically said repeatedly in other words that you can’t take the hacker out of a hacker or even worse fight others into not-hacking your OS. Nonetheless Saurik tweet once in hos words that there is no point in having an open OS (referring to Android) when you had to mantain so much code to keep up with the different hardware. Saurik at some point left his interest with Cydia and then joined with Rock. So far they are doing very well with Cydia. In a way I still believe tightness b/w the OS and the hardware is something Linux has been fighting for years and come a long long way of great improvements… but it is the main reason why many choose OS X over linux. Can free software be better than paid software? We know a free browser that can certainly become better but a browser doesn’t have the peripheral issues a whole OS has. Major PC brand vendors tried selling linux ready PC’s but the driver support hasn’t been really met expectations. So bottom line we just can’t demonize a company for being jealous of their software/hardware.