Apple hires Jailbreakme iPhone cracker

As reported previously, the Jailbreakme website has been revolutionary in terms of unlocking iPhones in that it used a web-based environment to unlatch the handset from the carrier, rather than software that requires the smartphone to be peered with a PC or Mac computer with the usual USB connecting cable.

Now it appears that Comex – aka Nicholas Allegra – has been hired by Apple as a technology researcher, a move that many in the iPhone jailbreaking community say could put the brakes on methods of unlatching future iPhone and iPad devices from the control of Apple and the various cellcos that subsidise the units.

According to the Sydney Morning Herald: “What do you do when you have $76 billion cash in the bank and a 19-year-old hacker repeatedly thwarts your army of engineers' attempts to lock down your smartphone and tablet platform? Bring him into the tent, of course.”

The move comes as Apple is reportedly preparing to launch the iPhone 5, which does not contain a regular SIM but is instead software-authenticated to the cellular network.

“Allegra is described in a Forbes article as a `tall, shaggy-haired and bespectacled' teen from New York who has been hacking Apple's software for fun since late last year while hunting for an internship. He has said that while he provides the software for free, he has earned over $50,000 from donations”, notes the paper.

Graham Cluley, Sophos' senior technology consultant, told the paper said Allegra had given Apple “plenty of headaches” in the last couple of years and he was able to find security vulnerabilities enabling users to jailbreak their devices without even connecting them to a computer.

“Just visiting the website with Safari would trigger a security vulnerability, allowing code to run which would jailbreak the iPhone or iPad,” he said, adding that Apple does not like people jailbreaking their iPhones, so it is understandable that they would rather have the man behind the JailbreakMe website working for them rather than exposing their security weaknesses.

The Mac Observer newswire, meanwhile, notes that Allegra's web site has exposed security flaws in the iPhone and iPad operating system, leading to a cat-and-mouse game whereby Apple would patch the flaws and Allegra would find more to exploit.

Allegra, notes the newswire, used the flaws he uncovered to enable his easy jailbreak method, although the same exploits could have been used by others for more nefarious purposes.

“Presumably Mr. Allegra will be using his skills to help Apple harden iOS security, and assuming he plays his cards right, convert his internship into a full time job”, the newswire says.

What’s hot on Infosecurity Magazine?