Jailbreak for iPhone 4S released

Standard Apple mobile devices are only able to use apps downloaded from the official Apple App Store. Jailbreaking is the term used to break Apple mobile devices free from this restriction. The process is currently legal in the United States as an exemption within the Digital Millennium Copyright Act (DMCA). Absinthe is the first jailbreak for the latest Apple devices using dual core A5 processors.

The jailbreak includes a GUI running on a Mac or PC computer for standard implementation, but also provides a command line interface (CLI) for advanced users, troubleshooting and support.

The usual arguments for jailbreaking are to allow the use of apps not approved by Apple via the App Store. Apple uses its restrictions to ensure the security of the apps and to maintain the integrity of the device. “iOS,” explains Kaspersky’s David Emm, “is a closed, restricted file system, allowing the download and use of apps from just a single source – the App Store. This means a lower security risk: in order to distribute code, would-be malware writers would have to find some way of 'sneaking' code into the App Store.”

Critics feel that it is a form of censorship that excludes useful and valuable apps that either don’t conform to Apple regulations or are produced by developers not willing to pay the App Store charge. “At the end of the day,” says PandaLabs’ Luis Corrons, “the main difference between Apple and Android is that Android gives me, as a user, the option to decide what applications I want to install in my device, while Apple thinks it knows better than me what applications I want to install – and where I should buy them.” Absinthe allows iPhone users to run apps downloaded from the Cydia Store (via the Cydia app), an online repository of apps developed for jailbroken devices.

Most security experts consider that jailbreaking is a potentially dangerous process. “By definition,” says David Harley, the independent researcher behind the Mac Virus website, “jailbreaking is essentially a modification to the OS that might destabilize it in unexpected ways.” He points out that the process breaches Apple’s terms of use, and that a jailbroken device is unlikely to receive any Apple support if it goes wrong.

The security industry is caught in a cleft-stick over Apple’s restrictions. The same regulations that prohibit system kernel access to apps also prevents the development of third-party security applications such as anti-virus. Nevertheless, comments Harley, “it’s not coincidental that the nearest thing to viruses that have been seen on iOS have only worked on jailbroken machines.” Technically, it would be possible to develop commercial AV that takes advantage of jailbreaking itself, but Harley believes this would raise both ethical and practical problems. “Even if a company was willing to go that route – and AV companies are notoriously ethically straightlaced – I suspect that Apple would withdraw all cooperation across the board from them.”

The main defense for iPhones and iPads, he concludes, “is still Apple’s code inspection for approved apps.”

What’s Hot on Infosecurity Magazine?