How To Prevent Malicious Websites From Using Security Hole In iOS Used In JailbreakMe – Web-Based Jailbreak Method

News | Tuesday July 27 2010 11:04 PM | Comments (0) Tags: , , , , , , , , , , ,

The jailbreak stuff saved as FlateDecode stream within that PDF file, and vulnerability occurs when Mobile Safari loaded the PDF file, letting iOS to parse the FlateDecode filter, and use the font file inside, then Kaboom.
Experts have raised concern that the security vulnerability in iOS could be exploited in a similar way by malicious websites to install malware.
It is important to note that the security hole has been around for quite sometime so it could have been used by malicious websites, its funny how the experts who were sleeping until now are blaming jailbreaking for exposing the security hole. In this particular situation, jailbreaking offers users a solution to prevent malicious websites from using the security hope in iOS.
from Will Strafach (@cdevwil) and open it on your your iPhone , iPad or iPod Touch using iFile, which is a file manager that can be installed using Cydia.
Navigate to /var/mobile and then double tap the .deb file to install it.
After installing the .deb file, you will get the following warning message if a website is automatically trying to open a PDF file:
“View File? The application wants to display a PDF on your device. There is a known bug in the PDF loading code that makes the running of arbitrary code possible, which could compromise your system. Are you sure you want to continue?”
If you don’t trust the website then tap on the ‘Cancel’ button or tap ‘Load’ button to continue.
As you can see, installing the .deb file does not patch the security loop hole but it does warn you against possible malicious attacks.
Based on the nature of the security loophole in iOS, it is widely speculated that Apple will fix it in
, which is currently in beta.
However,
You should know that there are /lots/ of public exploits out there, and @comex's JailbreakMe just uses one of them. No big de
So it looks like the cat and mouse game between Apple and the iPhone hacking community will continue, which means that iPhone jailbreakers and unlockers should avoid upgrading to iOS 4.1 when it is released. Users should wait for Comex or iPhone Dev Team to provide an update on how it impacts a jailbroken or unlocked iPhone .
Are you worried about the security hole or glad to be able to jailbreak your iPhone ? Tell us in the comments.

No Comments »

No comments yet.

RSS feed. TrackBack URI

Leave a comment

You must be logged in to post a comment.