Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

iOS 4.3.4 Prevents Hacking and Jailbreaking

samzenpus posted more than 3 years ago | from the higher-walls dept.

IOS 281

Mightee writes "Apple has released a software update to iOS, version 4.3.4, for the iPhone 4, 3GS, iPad 2, 1, and iPod Touch. The main objective of this version is to prevent the hacking in Apple iOS devices which occurs through malicious PDF files. Another objective is to prevent the jailbreaking which occurs as a consequence of the previous effect. In previous versions, the iOS device is easily vulnerable to attacks. It happens because of mishandling of fonts embedded in the PDF file. Sometimes a downloaded PDF may be malicious, and there is a possibility that the file could inject malware into the iOS device, which gives a chance for the hackers to access the hardware of the iOS device."

cancel ×

281 comments

Sorry! There are no comments related to the filter you selected.

Make something unbreakable... (1)

TechieRefugee (2105386) | more than 3 years ago | (#36795938)

We'll get a bigger stick. [CHALLENGE ACCEPTED]

Re:Make something unbreakable... (4, Insightful)

Microlith (54737) | more than 3 years ago | (#36795982)

Yup! So keep making those hostile devices, Apple, we'll keep buying them (like fools!)

Re:Make something unbreakable... (1, Insightful)

grub (11606) | more than 3 years ago | (#36796284)


Hostile... like all those Blackberry and some Android devices?

I love it when people conveniently forget the other guilty parties when engaging in AppleHate(tm)

Re:Make something unbreakable... (3, Insightful)

Microlith (54737) | more than 3 years ago | (#36796306)

like all those Blackberry and some Android devices?
Sure, not like I own one of those either.

I love it when people conveniently forget the other guilty parties when engaging in AppleHate(tm)

Apple is the biggest pusher of every concept that's ever been criticized on Slashdot. They're simply the easiest example, so stop whining.

Re:Make something unbreakable... (0)

grub (11606) | more than 3 years ago | (#36796336)


RIM/Blackberry was by far the biggest vendor of locked down devices until very recently yet the nerd-hate was tepid at best.

Re:Make something unbreakable... (2)

Microlith (54737) | more than 3 years ago | (#36796366)

I suspect it was because no one really cared, and were seen as business devices bought by companies for their employees for the most part. I also don't believe they restricted you from sideloading software unless an IT policy was put in place.

Apple's helped the smartphone market explode, unfortunately they've brought along and prop up so many things criticized on Slashdot that they're an easy target.

Remember when Apple was popular on Slashdot? (2)

traindirector (1001483) | more than 3 years ago | (#36796542)

Apple's helped the smartphone market explode, unfortunately they've brought along and prop up so many things criticized on Slashdot that they're an easy target.

Do you remember when, not so long ago, Apple was popular among Slashdotters? Back when their primary focus was on computers and not appliances? It's almost amazing thinking about that now.

It would be interesting if there were some way to plot the volume of comments about Apple over the years that have been positive and negative with their corresponding moderation totals. I can't think of any topic that has gone from overwhelmingly positive to overwhelmingly negative in the past six or seven years.

Re:Make something unbreakable... (1)

LynnwoodRooster (966895) | more than 3 years ago | (#36796562)

...some Android devices?

Now if only that was "some iOS devices". Choice rocks, doesn't it?

Re:Make something unbreakable... (4, Funny)

tuppe666 (904118) | more than 3 years ago | (#36796604)

...some Android devices?

Now if only that was "some iOS devices". Choice rocks, doesn't it?

Apple users call choice FRAGMENTATION

Re:Make something unbreakable... (2)

dwightk (415372) | more than 3 years ago | (#36796352)

I'm with you, why does Apple care about protecting users from malicious access!?

Re:Make something unbreakable... (1)

Microlith (54737) | more than 3 years ago | (#36796376)

People wouldn't be loud about Apple patching security holes if those same holes weren't necessary for jailbreaks. I suspect people wouldn't say a thing if there were other, legitimate means of getting the same level of access.

You (as someone that jailbreaks) are as much Apple's enemy as any potential malware vendor, however.

Re:Make something unbreakable... (3, Insightful)

Dan667 (564390) | more than 3 years ago | (#36796444)

I regret buying an iphone and wish I had bought an Android Phone. It has become glaringly obvious that you just get a lot more for your money in comparison (including phone features and programs).

Re:Make something unbreakable... (1)

tuppe666 (904118) | more than 3 years ago | (#36796650)

Why regret buying an iPhone I never did. Its overpriced and behind the curve...but its second hand value is just as overpriced, simply swap it for a new phone...or two. They will be better in every way.

Re:Make something unbreakable... (0)

Anonymous Coward | more than 3 years ago | (#36796632)

Isn't the (flavor of the season) brand Android phone what everyone's buying now anyways? iPhone is so 2010...

Re:Make something unbreakable... (1)

Moridineas (213502) | more than 3 years ago | (#36796636)

It doesn't get any worse than patching PDF viewer buffer overruns!! Damn you Apple!!

Re:Make something unbreakable... (1)

binarylarry (1338699) | more than 3 years ago | (#36796156)

Unfortunately for them, this will just create more Android converts.

Re:Make something unbreakable... (-1, Flamebait)

BitZtream (692029) | more than 3 years ago | (#36796388)

No, they won't.

People don't care about jail breaking.

Name one legitimate reason to want to jailbreak your phone now days.

Re:Make something unbreakable... (5, Insightful)

Microlith (54737) | more than 3 years ago | (#36796408)

Name one legitimate reason to want to jailbreak your phone now days.

Ownership. No other reason is necessary.

Re:Make something unbreakable... (1)

phantomfive (622387) | more than 3 years ago | (#36796472)

Freedom is reason of its own, but you can't turn an iPhone into a VNC server without jailbreaking it. A very legitimate need, which has cost me lots of jailbreaking grief.

Re:Make something unbreakable... (0)

Anonymous Coward | more than 3 years ago | (#36796526)

No, they won't.

People don't care about jail breaking.

Name one legitimate reason to want to jailbreak your phone now days.

Tethering.

Re:Make something unbreakable... (1)

Sinthet (2081954) | more than 3 years ago | (#36796534)

Cool themes and emulators. At least, that's why most people I know bothered jailbreaking. Especially the cool themes bit.

Re:Make something unbreakable... (1)

mswhippingboy (754599) | more than 3 years ago | (#36796554)

>

Name one legitimate reason to want to jailbreak your phone now days.

I'll give you one (there are others I assure you). I'm a software developer. I paid good $$ for my iPhone and if I want to write my OWN programs to run on it and not pay Apple $99 a year for the privilige, then my only option is to jailbreak it so I can put MY software on MY phone.

Re:Make something unbreakable... (1)

HeavensTrash (175514) | more than 3 years ago | (#36796572)

to lift wifi restrictions (ie use facetime/skype over 3g, which its able to do just fine), to use my phones 3g as a wifi hotspot without paying $20 a month additional for nothing, for access to your file system, to install different ui's apple doesnt approve of, to install apps apple rejected for who knows what reason, etc!!! i dont know anyone whos jailbroken with the intent to pirate apps.

Re:Make something unbreakable... (1)

Roger W Moore (538166) | more than 3 years ago | (#36796588)

Name one legitimate reason to want to jailbreak your phone now days.

Ok: I want to use a bluetooth GPS with my iPod touch (technically not a phone but the same OS).

Was that summary autogenerated? (0)

Anonymous Coward | more than 3 years ago | (#36795940)

It sounds like a computer wrote it. Yes, Apple patched the flaw and added some extra checks to prevent that method from working again. Like most other post-jailbreak patches.

Re:Was that summary autogenerated? (2)

YodasEvilTwin (2014446) | more than 3 years ago | (#36795956)

The grammar isn't good enough for it to be auto-generated.

Re:Was that summary autogenerated? (0, Insightful)

Anonymous Coward | more than 3 years ago | (#36795970)

At least it was, for once, honest about what's happening. "Your shiny new Apple device had a SECURITY FLAW which allows an ATTACKER to EXPLOIT it and install MALWARE! Oh, and it also can be used to jailbreak the device." Surprise surprise... Apple patched it.

It's not very often that you hear jailbreaking expressed in such bluntly realistic terms. It's exploiting a security hole. You know... the ones that Macs supposedly don't have which is why you don't need to install any antivirus or be careful about what you download or install on them...

iOS device. iOS device iOS device iOS device. (1)

Anonymous Coward | more than 3 years ago | (#36796068)

iOS device can do this. iOS device can do that. The iOS device does stuff when the iOS device is used to do stuff. The main objective of the iOS device is to iOS device the iOS device. Another object is to iOS device. In previous versions, iOS device. It happens because of iOS device. It is common to iOS device. Sometimes the iOS device is an iOS device.

aaaand... (5, Informative)

milbournosphere (1273186) | more than 3 years ago | (#36795964)

it's been jailbroken: http://gizmodo.com/5821905/ios-434-has-been-jailbroken [gizmodo.com]

Re:aaaand... (2)

WrongSizeGlass (838941) | more than 3 years ago | (#36795980)

iOS X.Y.Z Prevents Hacking and Jailbreaking

Until they move on to the next security flaw. Was, rinse, repeat.

Re:aaaand... (0, Troll)

casualsax3 (875131) | more than 3 years ago | (#36795986)

From TFA:

Of course, you should still stick with 4.3.3 if you don't want to bother with re-jailbreaking anytime your phone shuts off.

Or you should not buy an iPhone in the first place. Give your money to a vendor who deserves it.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796042)

and which vendor is that?

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796066)

htc

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796150)

HTC. They actually stated they won't be locking bootloaders, signing kernels, or any other BS.

I'm glad to have one, and swear by that brand -- I had a Windows Mobile smartphone last from 2006 to 2010 with them in daily use until I bought an Android phone.

Of course, if Motorola would stop encrypting bootloaders, I'd give money to them too. If the Atrix were hackable with a custom ROM and Linux distro... it would just plain rock.

Re:aaaand... (1)

mike_art03a (1722218) | more than 3 years ago | (#36796318)

Been done, look it up in the XDA Developers Forums. Bought mine Friday, unlocked the bootloader, flashed it and it's running like a kitten with the Pudding ROM with the Debian Webtop mod. Webtop Mod w/Full Debian Install - http://forum.xda-developers.com/showthread.php?t=1093790 [xda-developers.com] Unlocking and flashing your Atrix - http://forum.xda-developers.com/showthread.php?t=1136261 [xda-developers.com]

Re:aaaand... (1)

carlzum (832868) | more than 3 years ago | (#36796350)

I just got an HTC Sensation, and while I don't plan to root it, I like the option. My phone has a signed bootloader, but HTC announced they would unlock it later this year.

Re:aaaand... (2, Funny)

pookemon (909195) | more than 3 years ago | (#36796060)

I'm sorry - Apple have patent on taking your money, so the "Vendor who deserves it" is in violation of one of Apples patents and will be sent a cease and desist notice.

Re:aaaand... (0, Funny)

Anonymous Coward | more than 3 years ago | (#36796088)

I'm sorry - Apple have patent on taking your money, so the "Vendor who deserves it" is in violation of one of Apples patents and will be sent a cease and desist notice.

Please. Microsoft totally has prior art on that, and they did a much better implementation.

Re:aaaand... (-1)

Fahrvergnuugen (700293) | more than 3 years ago | (#36796086)

They do deserve it. The iOS ecosystem is incredibly useful and well done, and that's saying nothing of the hardware quality.

Re:aaaand... (1)

Microlith (54737) | more than 3 years ago | (#36796094)

Maybe yours, but apparently you place no value on what you gain from a jailbreak.

Re:aaaand... (2)

NiceGeek (126629) | more than 3 years ago | (#36796138)

Which is what exactly? Seems to me that as time passes, the value gained from jailbreaking becomes less and less.

Re:aaaand... (1, Troll)

Microlith (54737) | more than 3 years ago | (#36796188)

Actual ownership of your device. Sorta like how your PC doesn't try and fight you.

I understand that accepting total vendor control over things is the cool thing on Slashdot these days (especially among iProduct fans,) so I'll just leave you to your walled and barred garden.

Re:aaaand... (2, Insightful)

grub (11606) | more than 3 years ago | (#36796302)


Ever own a Blackberry or Android phone with locked down bootloader?

The fact is the bulk of devices we "own", we don't get the goods for. I didn't get the code for my microwave oven or TV set or HD set top box, et al. ad nauseum.

Re:aaaand... (1)

Microlith (54737) | more than 3 years ago | (#36796348)

Ever own a Blackberry or Android phone with locked down bootloader?

Nope, can't say I have. Never wanted a Blackberry, and I won't touch Motorola or any device with a locked down bootloader with a 10m pole.

The fact is the bulk of devices we "own", we don't get the goods for. I didn't get the code for my microwave oven or TV set or HD set top box, et al. ad nauseum.

Did I say source code? No, I don't think I did.

Re:aaaand... (1)

blakecraw (1235302) | more than 3 years ago | (#36796364)

No I haven't ever owned a Blackberry or Android phone with a locked down bootloader. And I don't put any personal information in my microwave oven, or TV set, or HD set top box. Or my et al. ad nauseum either.

Re:aaaand... (1)

thunderclap (972782) | more than 3 years ago | (#36796496)

That's because you didn't look for the code for your TV, set top box or microwave. And by the way, until recently they were electrical devices that could be understood with a basic manual. All are not deliberately locked (well the Visio 3d TVs are but that wasn't the point).
Blackberry phones were mostly for texting, email and calling. Not apps.

Re:aaaand... (0)

BitZtream (692029) | more than 3 years ago | (#36796426)

Actual ownership of your device. Sorta like how your PC doesn't try and fight you.

What does that mean? I'm pretty sure I own it. I do pretty much anything I want with it. There is no reason for me to jail break it. You're only reason seems to be 'because'

Pre-3.0 I would be all for jail breaking as it had no tethering, since 3.0, there hasn't been a single legitimate reason to haxors it, every reason you can come up with is either a silly temper tantrum sort of thing or just an excuse to steal in one way or another.

Name one actual real reason to jail break.

Re:aaaand... (1)

CoolVC (131998) | more than 3 years ago | (#36796454)

Reasons to jailbreak-
Custom SMS sounds (though I hear that is fixed in iOS 5)
Developing applications for your own device.

Re:aaaand... (0)

Microlith (54737) | more than 3 years ago | (#36796492)

I do pretty much anything I want with it.

Up until you want to run software that isn't Apple approved. Say any sort of Free Software (go ahead, call me names.) But if you don't wander outside Apple's walled garden I can see how you'd miss it.

You're only reason seems to be 'because'

That's why people put NetBSD on toasters, right? Why should I need any greater reason?

every reason you can come up with is either a silly temper tantrum sort of thing or just an excuse to steal in one way or another.

Ah yes, the old "You're a damned dirty HACKER CRIMINAL if you jailbreak!" response from Apple fans is quite amusing, but old.

Re:aaaand... (1)

ulzeraj (1009869) | more than 3 years ago | (#36796544)

Well... I wish I could play my FLAC files in my iPod Touch without having to convert them to mp3 or aac. Seriously, why the hell Apple still refuses to add FLAC support for iTunes and iOS? Thats just silly.

Re:aaaand... (1)

exomondo (1725132) | more than 3 years ago | (#36796550)

Name one actual real reason to jail break.

FaceTime over 3G.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796288)

I gain a lot of value from jailbreaking:

1: Blocking apps that phone home. A number of apps are pretty much dumb re-directors to the app vendor website.

2: Backing up my saved games, so I can delete the app from my phone. Angry Birds stores the saves in the Documents folder in its jail, but not all apps do that. So, AppBackup or Pkgbackup are handy, so I can archive a game, perhaps play it later on if it gets updated and levels added.

3: iBlackList. The iPhone has no way to block people whom you don't want to speak to. With this Cydia app, they go to voicemail, get a busy signal, or the phone gets picked up and hung up on.

4: The ability to ssh into the device, and use it for critical files without needing iTunes.

5: The ability to kill all background apps and wipe Safari's cookies, history, and caches with just one gesture.

6: A real UNIX command shell.

7: Small things like allowing FaceTime to work over a 3G connection.

Re:aaaand... (1, Troll)

smash (1351) | more than 3 years ago | (#36796142)

and what DO you get from a jailbreak exactly? I jailbroke my 3g-s a long time back, and other than novelty shitware noticed nothing of value so i haven't bothered since.

Re:aaaand... (2)

jcombel (1557059) | more than 3 years ago | (#36796316)

i jailbroke mine to run tethering software without having to pay the carrier a fee to use the data i already paid for

then i switched to the n1, and no longer had to power off the device -> hold home button and power button till i see the logo -> let go of home button -> plug in USB etc etc etc to be able to run software i wanted. i owned my device right out the box.

Re:aaaand... (-1, Troll)

BitZtream (692029) | more than 3 years ago | (#36796440)

You didn't pay to use the data on something other than the phone, you paid for unlimited data for use on your phone. It may be a retarded distinction, but thats what you paid for. You jailbroke it so you could steal something you did not pay for.

You can call it any number of things but you're just a simple thief, and apparently one who isn't even capable of finding an untethered jailbreak.

Re:aaaand... (2)

Microlith (54737) | more than 3 years ago | (#36796498)

You jailbroke it so you could steal something you did not pay for.

It is a retarded distinction, and you're as bad as the phone companies for trying to defend it.

you're just a simple thief

And you're a ridiculous authoritarian. Please stop accusing people of being something they aren't.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796164)

They do deserve it. The iOS ecosystem is incredibly useful and well done, and that's saying nothing of the hardware quality.

Nur keine Überraschung! Das erwartet man natürlich von einem Erzeugnis des Deutschen Reiches.

Heil Kräuter!

Re:aaaand... (1)

ProfM (91314) | more than 3 years ago | (#36796092)

Or you should not buy an iPhone in the first place. Give your money to a vendor who deserves it.

Why would I want to give money to Microsoft to get an HTC Android phone [slashdot.org] ? Fortunately, there are other choices for the moment.

Re:aaaand... (1)

toleraen (831634) | more than 3 years ago | (#36796180)

Here I would have thought that at least one time in the last 30 years Apple (or any other major manufacturer) would have paid Microsoft for something, at some point, whose costs would have been passed on to the consumer. That's never happened? Crazy!

Re:aaaand... (1)

LynnwoodRooster (966895) | more than 3 years ago | (#36796590)

Or you should not buy an iPhone in the first place. Give your money to a vendor who deserves it.

Why would I want to give money to Microsoft to get an HTC Android phone [slashdot.org] ? Fortunately, there are other choices for the moment.

Well, I'm sure you're happy paying Microsoft for the ActiveSync functionality inside iOS... I guess there's always Symbian!

Re:aaaand... (4, Insightful)

smash (1351) | more than 3 years ago | (#36796136)

iphone does everything i want in a phone and doesn't feel like it is made of cheese like all the samsung/htc devices i have encountered. so, as far as i'm concerned, apple deserve my money.

Re:aaaand... (2)

andydread (758754) | more than 3 years ago | (#36796520)

All the things you want your phone to do is not all the things everyone wants their phone to do. Some people like to tether without having to pay a stupid fee for something that has been basic since feature phones. Some people like to have other options from which to install software, some people like to have the ability to use apps that compete with the apps the phone vendor has supplied without hearing a bullshit excuse about "duplicate functionlality" So your needs are not exactly everyone elses needs.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796174)

If only there were a vendor who deserved it by building the most useful phone and making it open. Until then I'll go with the best device for the largest number of my uses...that currently turns out to be the iPhone but I'm sure 10 years from now it won't be.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796006)

A tethered jailbreak? No thank you. I'd rather stay on 4.3.3 and pull the fix for this bug from Cydia.

Re:aaaand... (2)

Psyborgue (699890) | more than 3 years ago | (#36796008)

Actually, it's just a tethered jailbreak, meaning you have to connect your device to your computer every time you want to restart it. I'd wait a week or two and check on the dev team blog for a full, un-tethered jailbreak. With an iPad, tethered is not so bad given the battery live and non-critical nature of the device, but on a phone... I'd stick with 4.3.3 or whatever you're on unless you carry a backup phone you can stick the sim card into.

Re:aaaand... (3)

gutnor (872759) | more than 3 years ago | (#36796104)

un-tethered jailbreak

So you hope to see another way that any website can get root access to your device and change the operating system without the connected user consent ? An you consider that a plus on a "critical"(your word) device like your phone ??

-Mind blows-

Re:aaaand... (1)

Psyborgue (699890) | more than 3 years ago | (#36796198)

Good lord no. I don't hope to see such an exploit (though some exploit may be necessary to discover at some future point to jailbreak, for example, IOS5). The browser exploit used for the 4.3.3 jailbreak is only one method [iphone-dev.org] to jailbreak a device (a convenient one). Normally you plug it into your computer and run a program such as redpois0n to jailbreak the device, or you can load a pre-jailbroken custom firmware created using a tool such as pwnage tool or sn0wbreeze. Browser exploits are (almost) never a good thing. "Un-tethered" in the IOS jailbreaking lexicon simply means you can reboot your device without having to connect it to the computer.

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796240)

iOS 5 will be out in a few months. There probably won't be an untethered JB until then. Why burn a exploit for such a minor update?

Who restarts a phone? (1)

SuperKendall (25149) | more than 3 years ago | (#36796254)

Actually, it's just a tethered jailbreak, meaning you have to connect your device to your computer every time you want to restart it.

I have an iPhone, I've not restarted it more than once between revisions of the O.S. (which force a restart). To me the need to tether on reboot is incredibly minor.

Re:Who restarts a phone? (1)

Psyborgue (699890) | more than 3 years ago | (#36796294)

You've had good luck with stability. Others... not so much. It all depends on the quality of the apps you install through Cydia. Some like to push the envelope with customization, risking stability. On a phone, you need to be able to restart the thing and remove a troublesome package unless you're nearby a computer constantly.

Re:Who restarts a phone? (0)

ThePeices (635180) | more than 3 years ago | (#36796368)

Ahh, so *you* dont do something, therefore nobody in the rest of the world needs to either?

Cool logic bro!

Re:aaaand... (1)

countertrolling (1585477) | more than 3 years ago | (#36796148)

It's always best to "uuuse the source [redmondpie.com] " Second hand news is just so.. ordinary

Re:aaaand... (0)

Anonymous Coward | more than 3 years ago | (#36796230)

it's been jailbroken: http://gizmodo.com/5821905/ios-434-has-been-jailbroken [gizmodo.com]

I swear if this takes any longer next time, I'm switching to Android.

Re:aaaand... (1)

dimeglio (456244) | more than 3 years ago | (#36796292)

Might be jailbroken but at least the PDF problem is fixed.

Re:aaaand... (1)

RMingin (985478) | more than 3 years ago | (#36796382)

Not new, not special and not noteworthy.

There are two flaws in the bootloader for all the pre-iPad2 devices. They are commonly referred to by the names of the exploits against them, SHAtter and GreenPois0n. These will not ever be patched by Apple, they are too low level. This means that every iDevice before the iPad2 has a jailbreak for life.

On the other hand, the bootloader exploits will only give you a tethered (needs a computer to help boot) jailbreak, so if you're on 4.3.3 or have saved SHSHs for it, STAY THERE. 4.3.4 offers you nothing but a restriction.

Likewise, all the iOS 5 betas have been jailbroken by the same method, and give the same tethered JB. We need iOS 5 to go gold, and for a nice untether or escalation to be found in it.

Re:gaaaaaah... (1)

VortexCortex (1117377) | more than 3 years ago | (#36796548)

it's been jailbroken: http://gizmodo.com/5821905/ios-434-has-been-jailbroken [gizmodo.com]

Well, of course... Contingencies are planned for. No one thinks that the "security researchers" looking for exploits to enable jailbreaking just stop looking for exploit vectors once they have root access, do they?

IMHO, Mobile device/OS manufacturers should just give their customers (the end users, not the service providers) root access in an "advanced" menu option... Otherwise it's just a matter of time before some of the "jailbreakers" turn into malware authors...

Don't get me wrong; Including a "Got Root?" option wouldn't keep everyone from searching for exploits, but it would remove a current major motivating factor.

Did you know that due to copyright restrictions of software & games bored Bulgarians began to reverse engineer and crack them. Thus at one point in the 90's Bulgaria was the malware capitol of the world -- Responsible for the most and best of all viruses worldwide. [nytimes.com]

A similar thing happened for bootleggers of older games for Apple, Amiga, Commodore, and other PCs. In fact, the cracks were rated among their peers according to the duration between a game's release and it's crack date eg: Software cracked only 6 weeks after release was rated as a "42-day crack". It was a competition to the hackers, and sometimes they got a hold of pre-releases just to crack them. If the software was exploited on or before its retail release it was the coveted best rating -- A "Zero-Day" crack!... Somehow the term has changed meaning a bit over the years, along with the term "hacker"; C'est la vie.

Accelerated escape from control due to more constriction. You see this sort of thing happening again and again, it applies to just about everything...

The more you tighten your grip, Tarkin, the faster the spunk will escape from your... fingers.

Re:aaaand... (1)

Killerchronic (1170217) | more than 3 years ago | (#36796654)

They can't prevent jailbraking on current devices expcept the ipad 2 (as it doesnt have the exploit) from what i understand, geohot's lime rain exploit is not patchable. http://theiphonewiki.com/wiki/index.php?title=Limera1n [theiphonewiki.com]

No win situation (0)

Anonymous Coward | more than 3 years ago | (#36795976)

"The main objective of this version is to prevent the hacking in Apple iOS devices which occurs through malicious pdf file. "

Right - they aren't addressing a major security vulnerability. They just want to rain on your jailbreak parade.

Re:No win situation (2, Insightful)

Anonymous Coward | more than 3 years ago | (#36796056)

Yeah, sure, I want any random website to be able to root my phone. That's exactly what jailbreakme.com does and it could do it without my permission just by visiting the site if the authors wanted to do it. Yes, this is a MAJOR security vulnerability, even if it is currently only being used for good and not evil.

written like a true indian (0)

Anonymous Coward | more than 3 years ago | (#36795978)

iOS 5 will automatically detect and correct problems with your sentence structure that unfortunately turn people against you!

Use of the word "device" (1)

edfardos (863920) | more than 3 years ago | (#36795992)

In other news, pdf's may cause iOS devices to use the word "device" at least five times in a slashdot article.

Prevent jailbreaking? (1)

grimmjeeper (2301232) | more than 3 years ago | (#36796016)

Yeah, let me know how that works out for you...

You can still jailbreak (0)

Anonymous Coward | more than 3 years ago | (#36796030)

They only closed the PDF vulnerability, not any of the boot/kernel holes we've been using for a long while. And honestly using an active remote code execution vuln to jailbreak your device is like firing a rocket at your house because you forgot your keys.

Re:You can still jailbreak (1)

RyuuzakiTetsuya (195424) | more than 3 years ago | (#36796390)

Except the iPad 2's not vulnerable to those attack vectors.

That's the only reason why the PDF exploit was any sort of real news.

Terrible (0)

Thinine (869482) | more than 3 years ago | (#36796040)

What a shitty summary and article. Seems like both were written by retarded 4th graders.

Re:Terrible (-1)

Anonymous Coward | more than 3 years ago | (#36796286)

I think I may know the reason for this. Suppose you were a retarded 4th grader, and suppose you were an iOS user... but I repeat myself. My point is, if you were an Apple apologist, this is how you would write. Apple can do no evil. Apple is always better because it's Apple, therefore Apple is better. The logic is flawless. It's like the commercial says, "If you don't have an iPhone, you don't have an iPhone." FLAWLESS.

What a stupid title (5, Insightful)

Haedrian (1676506) | more than 3 years ago | (#36796050)

Its as if this update solved all problems and will solve all problems in the future.

"iOS 4.3.4 solves known pdf exploits"

Would have made sense.

None of this "Prevents Hacking and Jailbreaking" nonsense.

Re:What a stupid title (4, Informative)

Kenja (541830) | more than 3 years ago | (#36796396)

Better description would be "iOS 4.3.4 fixes known PDF security flaw".

This is a good thing. If you can use the flaw to root your phone, then so could someone else. But then that would be a less sensationalist article.

Not for long (1)

netdigger (847764) | more than 3 years ago | (#36796054)

I'll give them a week and a half of being unjailbreakable... Its going to happen

Re:Not for long (1)

CoolVC (131998) | more than 3 years ago | (#36796478)

A jailbreak is still available. You just have to plug it into a computer and run an application. This specific jailbreak was popular because all it required was to visit a website.

maybe (1, Flamebait)

nitehawk214 (222219) | more than 3 years ago | (#36796058)

I know how they can keep the hardware out of the hands of hackers. They should just sell an empty shell with the apple logo on it. It will still sell great!

Why... (0)

Anonymous Coward | more than 3 years ago | (#36796062)

... is TFS linking to some obscure blog written in poor English with little details and no references?

DRM = Increased Security? (0)

tokyoahead (743189) | more than 3 years ago | (#36796070)

If Microsoft had a successful media market so that anyone hacking the OS would also have access to copy & distribute all the digital media on the system, we would have not to wait years to fix serious flaws in the system. No wonder companies see the iPhone as the first candidate for corporate smartphones today. The media content makes it more secure than their own network.

Backup your SHSH files - NOW (5, Insightful)

DanTheManMS (1039636) | more than 3 years ago | (#36796118)

Anyone with an iDevice reading this, please go backup your 4.3.3 SHSH file right now. Even if you don't think you'll ever jailbreak, please do it as an insurance measure. It's as simple as downloading a program (TinyUmbrella), connecting your phone to the computer, and clicking a button. Behind the scenes it's saving Apple's magic "approval" that allows you to restore your device to the fully-hacked 4.3.3 firmware. In the next few days, Apple is likely to stop signing restore requests for anything except 4.3.4.

It's not that I expect most people to actively *want* to downgrade their firmware in the future. I just like having the *option* to do so. For instance, right now I could restore my iPhone to iOS version 3.1.3 if I wanted to, even though Apple stopped allowing restores to that version years ago.

Re:Backup your SHSH files - NOW (1)

Psyborgue (699890) | more than 3 years ago | (#36796260)

Just checked. Apple is no longer signing 4.3.3 from what i'm reading [macrumors.com] . Well. Guess whoever is on 4.3.3 will never be able to get back there after a restore. TinyUmbrella will do nothing now, nor will Cydia's backup.

Re:Backup your SHSH files - NOW (0)

Anonymous Coward | more than 3 years ago | (#36796338)

Curses. I did a basic search before posting but I didn't find that info. Well now I look like a fool, heh...

Re:Backup your SHSH files - NOW (1)

mlts (1038732) | more than 3 years ago | (#36796340)

Seconded on that. I'm sure there will be an untethered JB for 4.3.4 because the core exploit is in hardware. But, it can't hurt to keep that around just in case.

The SHSH party ends once iOS 5.x comes out though... unless you want to downgrade to 4.x, you either are at the latest iOS 5.x version or nothing. Blecch.

iOS 10 cures cancer! (3, Informative)

metalmaster (1005171) | more than 3 years ago | (#36796206)

no but the title is sensationalist at best.

As a few others mentioned, Apple has only closed the most obvious hole that hackers have been using to jailbreak the device. There are probably others, and they have been/will be found. If theres anything that we've learned over the past year or so its that you shouldnt rattle the cage. Im not saying that anyone will go about breaking iTMS and exposing the infos of Apple's userbase, but who knows....

If anything this will serve as a good pentest for future releases. Apple has known about the pdf exploit for quite some time and hasnt completely closed it, so people were able to get comfortable knowing their exploit could work with a bit of tweaking. This will get them off their asses and hunting for new ways to break free of he walled garden once again.

iOS 4.3.4 Prevents Hacking and Jailbreaking (1)

Slash.Poop (1088395) | more than 3 years ago | (#36796250)

What a BOLD headline.
Who wants to bet it is completely false?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?