Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Releases Patch For Evasi0n Jailbreak (After It's Used 18 Million Times)

Soulskill posted about a year and a half ago | from the at-least-you-tried dept.

Iphone 112

Sparrowvsrevolution writes "Apple has released a new update for iOS that prevents the jailbreak evasi0n released last month. But that hacking tool has already become the most popular jailbreak ever: It's been used to remove the software restrictions on 18.2 million devices in the 43 days between its release and the patch, according to data from Cydia, the app store for jailbroken devices. In its announcement of the update, Apple says it has fixed six bugs and was polite enough to credit the hackers behind evasi0n with finding four of them. At least one of the bugs used by evasi0n remains unpatched, according to David Wang, one of evasi0n's creators. And Wang says that he and his fellow hackers still have bugs in reserve for a new jailbreak, although they plan to keep them secret until the next major release."

Sorry! There are no comments related to the filter you selected.

I've already hacked this patch (2, Informative)

hairyfish (1653411) | about a year and a half ago | (#43221439)

It's called Android...

Re:I've already hacked this patch (-1)

Anonymous Coward | about a year and a half ago | (#43221537)

I have an iPad, and the only apps I've installed were Angry Birds (free version), and a bit more advanced calculator than the default one. Other than that, I use for browsing. No hacks needed by me.

Re:I've already hacked this patch (3, Funny)

Zeroedout (2036220) | about a year and a half ago | (#43221605)

You're clearly not a geek or nerd.... well maybe on the lower end of the spectrum. However, you've probably never explored an alternative OS and no, Windows XP doesn't count. Neither does Max OS X. Do you even care to compile the kernel you're using?

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43222849)

Windows XP 64-bit has to count. It's a strange animal where you almost have to write your own drivers or hack the drivers intended for another OS.

Re:I've already hacked this patch (1)

hierophanta (1345511) | about a year and a half ago | (#43224535)

bro, do you even git?!? http://i.qkme.me/3t9ior.jpg [i.qkme.me]

Re:I've already hacked this patch (1, Insightful)

wonkey_monkey (2592601) | about a year and a half ago | (#43221645)

Wow, your personal experience of not using an iPad for very much has really added to this discussion. Thanks!

Re:I've already hacked this patch (1)

Anonymous Coward | about a year and a half ago | (#43223873)

Implying a knee-jerk "I use android hurr-durr" thread constitutes a discussion.

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43221839)

I have an iPad, and the only apps I've installed were Angry Birds (free version), and a bit more advanced calculator than the default one. Other than that, I use for browsing. No hacks needed by me.

The free version of Angry Birds accounts as spyware http://lifehacker.com/5864518/is-my-phone-spying-on-me-and-what-can-i-do-about-it
If you'd want to block it you'd actually need the hacks. Case closed.

Re:I've already hacked this patch (3)

jedidiah (1196) | about a year and a half ago | (#43223563)

> I have an iPad, and the only apps I've installed were Angry Birds (free version), and a bit more advanced calculator

That doesn't mean what you think it does. It actually means that you are even less married to PhoneOS than someone that might be motivated to jailbreak it. Jailbreakers are not "haters". They are people that like Apple products well enough to go to great lengths to continue using them rather than just using Android.

You are like a Windows user that can faked out by fvwm95.

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43224857)

I used to like fvwm because it is lighter than some of the other windows managers but the development has kind of dropped of so... Icewm yeah that one also.

back to the topic.

If a product doesn't do what I want or need it to do out of the box but I can hack it into the product I wanted to purchase... Why on earth would I purchase a product that does not meet my needs then spend hours trying to make it into something else when I can just go out an buy what I wanted in the first place.

Unless of course we are talking about the joy of hacking an item to do something not already available else where then sure sounds like fun.

Re:I've already hacked this patch (2)

0100010001010011 (652467) | about a year and a half ago | (#43221777)

My experience with random Android devices is it's hit or miss on rooting. If you have a good OEM (Asus has been good to me) then it's not a problem. But if you have ones that lock it down it's not any different than having an iPhone.

Although I wish someone would port apt-get to Android so we can install apps like you can with Cydia.

There's a difference between jailbreaking and root (2, Informative)

Sycraft-fu (314770) | about a year and a half ago | (#43221867)

You don't actually need to jailbreak an Android phone, they are already jailbroken. You just go and press a button to allow applications from sources other than the Google Play store. It will warn you that you may face hacking, doom, whatever but it will then allow you to install applications from any source you like. You can download them off the web, you can get other application stores, like Amazon's, whatever you want. Rooting is if you want full control of your device. You are right that some devices are very locked down and hard to root. However it really isn't comparable, since they are all more or less jailbroken.

The main reason to jailbreak iPhone is to get access to non-Apple applications. That is just not necessary on Android.

Re:There's a difference between jailbreaking and r (0)

Anonymous Coward | about a year and a half ago | (#43222139)

You don't actually need to jailbreak an Android phone, they are already jailbroken. You just go and press a button to allow applications from sources other than the Google Play store. It will warn you that you may face hacking, doom, whatever but it will then allow you to install applications from any source you like. You can download them off the web, you can get other application stores, like Amazon's, whatever you want. Rooting is if you want full control of your device. You are right that some devices are very locked down and hard to root. However it really isn't comparable, since they are all more or less jailbroken.

The main reason to jailbreak iPhone is to get access to non-Apple applications. That is just not necessary on Android.

What are you doing here? The main reason for /. nerds to get root access to iOS or Android is to do nerdy stuff like tinker around with the OS and even replace the OS entirely. I suspect that's what he was talking about.

Re:There's a difference between jailbreaking and r (1, Insightful)

BasilBrush (643681) | about a year and a half ago | (#43222529)

The main reason to jailbreak an iPhone is to pirate apps.

Re:There's a difference between jailbreaking and r (-1)

Anonymous Coward | about a year and a half ago | (#43223403)

I think you misspelled Android. Which platform do people actually buy things on again? Oh right, iOS.

Re:There's a difference between jailbreaking and r (1)

Krojack (575051) | about a year and a half ago | (#43223625)

I'll buy any Android app if I use it enough and/or the app is worthy of it. To name a few:

- Minimalistic Text (because it's awesome)
- Root Explorer
- Titanium Backup
- Better Terminal Emulator Pro & AirTerm

Re:There's a difference between jailbreaking and r (2)

jedidiah (1196) | about a year and a half ago | (#43223621)

> The main reason to jailbreak an iPhone is to pirate apps.

Yes. Gaze upon the ultimate manifestation of the Apple cult mentality:

          If you want to do something interesting, you must "justify yourself". The basic notion of liberty encapsulated by "why not' is totally alien. If you are the least bit creative, you get called a criminal.

The main reason is (1)

future assassin (639396) | about a year and a half ago | (#43223805)

because the item is owned by me I can do to it anywthing I want. If it means I'm going to break copyright or pirate so be it and getting caught is my own problem.

Re:I've already hacked this patch (3, Interesting)

shellbeach (610559) | about a year and a half ago | (#43222565)

My experience with random Android devices is it's hit or miss on rooting. If you have a good OEM (Asus has been good to me) then it's not a problem. But if you have ones that lock it down it's not any different than having an iPhone.

Actually, it's a lot better than what you think (and much better than it used to be several years ago -- I looked into this the other day). Motorola [custhelp.com] , HTC, Sony [sonymobile.com] and even some of the smaller providers such as Huawei [huaweidevice.com] all provide the means to officially unlock the bootloader on many of their phones. Even Samsung provides "Developer Editions" of their major phones that come with an unlocked bootloader by default; and of course every Nexus device is simply a "fastboot oem unlock" away from complete freedom. Impressive, no? There's now an awful lot of devices that you can officially install a custom recovery on and root out of the box, and it's testimony to the strength of the Android dev community that manufacturers actually want to provide this functionality.

Although I wish someone would port apt-get to Android so we can install apps like you can with Cydia.

Well, you don't really need it, unless you have a particular boner for apt-get. Google's own Play Store hosts many apps that do the same thing as those provided by Cydia; since Google has always promoted rooting rather than been adverse to the practice, there's never been a need to have a separate software repository for rooted devices. There are, of course, several other alternate app stores around should you wish to install software through non-Google means and be notified of updates.

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43223313)

I wish someone would port apt-get to Android so we can install apps like you can with Cydia.

Search for Aptoid on the Play Store :-)

Re:I've already hacked this patch (2)

knarf (34928) | about a year and a half ago | (#43224601)

Although I wish someone would port apt-get to Android so we can install apps like you can with Cydia.

While it would be possible to install apt (no porting needed) it does not make much sense given the way Android packaging works. Nor is it necessary, given that Android already comes with its own package management system tailored to its needs.

Installing a package from the command line is simple:

pm install name_of_package.apk

To remove a package:

pm uninstall org.name.of.package

To disable a package without removing it:

pm disable com.name.of.package

To enable it, just replace disable with enable.

For more options just issue the pm command without options:

$ pm
usage: pm list packages [-f] [-d] [-e] [-s] [-3] [-i] [-u] [FILTER]
              pm list permission-groups
              pm list permissions [-g] [-f] [-d] [-u] [GROUP]
              pm list instrumentation [-f] [TARGET-PACKAGE]
              pm list features
              pm list libraries
              pm path PACKAGE
              pm install [-l] [-r] [-t] [-i INSTALLER_PACKAGE_NAME] [-s] [-f]
                                    [--algo --key --iv ] PATH
              pm uninstall [-k] PACKAGE
              pm clear PACKAGE
              pm enable PACKAGE_OR_COMPONENT
              pm disable PACKAGE_OR_COMPONENT
              pm disable-user PACKAGE_OR_COMPONENT
              pm grant PACKAGE PERMISSION
              pm revoke PACKAGE PERMISSION
              pm set-install-location [0/auto] [1/internal] [2/external]
              pm get-install-location
              pm set-permission-enforced PERMISSION [true|false]

pm list packages: prints all packages, optionally only
    those whose package name contains the text in FILTER. Options:
        -f: see their associated file.
        -d: filter to only show disbled packages.
        -e: filter to only show enabled packages.
        -s: filter to only show system packages.
        -3: filter to only show third party packages.
        -i: see the installer for the packages.
        -u: also include uninstalled packages.

pm list permission-groups: prints all known permission groups.

pm list permissions: prints all known permissions, optionally only
    those in GROUP. Options:
        -g: organize by group.
        -f: print all information.
        -s: short summary.
        -d: only list dangerous permissions.
        -u: list only the permissions users will see.

pm list instrumentation: use to list all test packages; optionally
    supply to list the test packages for a particular
    application. Options:
        -f: list the .apk file for the test package.

pm list features: prints all features of the system.

pm path: print the path to the .apk of the given PACKAGE.

pm install: installs a package to the system. Options:
        -l: install the package with FORWARD_LOCK.
        -r: reinstall an exisiting app, keeping its data.
        -t: allow test .apks to be installed.
        -i: specify the installer package name.
        -s: install package on sdcard.
        -f: install package on internal flash.

pm uninstall: removes a package from the system. Options:
        -k: keep the data and cache directories around after package removal.

pm clear: deletes all data associated with a package.

pm enable, disable, disable-user: these commands change the enabled state
    of a given package or component (written as "package/class").

pm grant, revoke: these commands either grant or revoke permissions
    to applications. Only optional permissions the application has
    declared can be granted or revoked.

pm get-install-location: returns the current install location.
        0 [auto]: Let system decide the best location
        1 [internal]: Install on internal device storage
        2 [external]: Install on external media

pm set-install-location: changes the default install location.
    NOTE: this is only intended for debugging; using this can cause
    applications to break and other undersireable behavior.
        0 [auto]: Let system decide the best location
        1 [internal]: Install on internal device storage
        2 [external]: Install on external media

This package management system does not handle dependencies like apt does - it is a lower-level system comparable to dpkg or rpm. Android packages generally do not depend on other packages (other than the dependency on a version of su, handled by a superuser package) so this is not much of a deficiency.

Re:I've already hacked this patch (3, Insightful)

dissy (172727) | about a year and a half ago | (#43221791)

Just out of curiousity, which Android App do I go and download/purchase to run and execute iOS applications?

Your "solution" is no different than saying the best way to run one specific windows program is to install linux

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43221875)

Just out of curiousity, which Android App do I go and download/purchase to run and execute iOS applications?

Your "solution" is no different than saying the best way to run one specific windows program is to install linux

Come to think of it, the reverse should be possible and a lot easier to implement seeing as how Blackberry already has. Not that Apple would ever allow a JVM in the App Store capable of doing this, but it would be funny to be able to run the entire gaggle of Android apps on iOS. If only to see the looks ont he faces of my fAndroid friends.

Re:I've already hacked this patch (1)

Flammon (4726) | about a year and a half ago | (#43222147)

Tell me; How do I install Android on my ATV2?

Re:I've already hacked this patch (0)

Anonymous Coward | about a year and a half ago | (#43225285)

You probably can't. But there's always the XBMC option.... just sayin'

Re:I've already hacked this patch (-1)

Anonymous Coward | about a year and a half ago | (#43222251)

No thanks. I don't want to downgrade to spyware.

Re:I've already hacked this patch (0)

Krojack (575051) | about a year and a half ago | (#43223703)

If you're referring to Android being spyware, sorry but Apple does just as much and the teleco's do more spying then all the spyware combined.

Cool, help please? (0)

Anonymous Coward | about a year and a half ago | (#43223613)

So how do I install it on my iPod 4th Gen?

FFS (-1, Flamebait)

Anonymous Coward | about a year and a half ago | (#43221473)

And Wang says that he and his fellow hackers still have bugs in reserve for a new jailbreak, although they plan to keep them secret until the next major release."

****ing assholes.

If you know about a security flaw, you should report it so they can be fixed.

Re:FFS (4, Insightful)

sg_oneill (159032) | about a year and a half ago | (#43221489)

If you know about a security flaw, you should report it so they can be fixed.

How are they going to produce jailbreaks if they report it?

It would be irresponsible of them to deliberately collaborate with restricting user freedoms.

Re:FFS (1)

arbiter1 (1204146) | about a year and a half ago | (#43221603)

Well look at this from another view point, even if they told apple, ATM takes apple 1.5-2months to fix flaws as it is.

Re:FFS (3, Insightful)

Anonymous Coward | about a year and a half ago | (#43221687)

How are they going to produce jailbreaks if they report it?

It would be irresponsible of them to deliberately collaborate with restricting user freedoms.

I don't care about jailbreaks, I'm not going to install one anyway. Ever. I do care about security flaws in the operating system that is installed on hundreds of millions of devices.

It's plenty flexible enough for me without jailbreaking. I can compile and install my own apps without going through the store. You just have to have a developer account (which is not very expensive).

Re:FFS (-1)

Anonymous Coward | about a year and a half ago | (#43221779)

I can compile and install my own apps without going through the store. You just have to have a developer account (which is not very expensive).

And a $600 dongle... err... Mac.

Re:FFS (1)

Anonymous Coward | about a year and a half ago | (#43222267)

That's a benefit, not a burden.

Re:FFS (1)

hierophanta (1345511) | about a year and a half ago | (#43225089)

so are taxes?

Re:FFS (1)

dissy (172727) | about a year and a half ago | (#43221801)

The flaws are "fixed" enough already. If you were to even try to touch any of my hardware (phone, computer, laptops, anything), your arm will be broken in multiple places long before you have the chance to perform a local privilege escalation exploit :P

I mean you act like this is a bug in a network daemon or something!

Re:FFS (1)

AK Marc (707885) | about a year and a half ago | (#43221843)

I do care about security flaws in the operating system that is installed on hundreds of millions of devices.

As far as I can tell, every flaw they "use" is tethered, and there's never been malware that used any of them. The only way they decrease the security of your device is if you manually jailbreak it, which is not an accidental process, then manually install malware. If you are so sure you'll never jailbreak your device, then you are sure you'll never be attacked through those iOS bugs.

Re:FFS (4, Insightful)

Nerdfest (867930) | about a year and a half ago | (#43221863)

there's never been malware that used any of them.

That you know of.

Re:FFS (1)

AK Marc (707885) | about a year and a half ago | (#43225921)

Given that you (and everyone else) couldn't give a single counter example, I'll take your response as "I don't like your implication, even though it is, as far as I know, 100% factually accurate." Again, Slashdot is where people agree in the most disagreeable ways possible.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43222351)

I can compile and install my own apps without going through the store. You just have to have a developer account (which is not very expensive).

Yes, $99 per year. Every year. When you stop paying, your certificate expires and your apps are no longer trusted.

Keep paying the rent to use your device.

Security flaws, yes... (1)

dfm3 (830843) | about a year and a half ago | (#43222727)

Yes, I know that technically all jailbreaks rely on security flaws, but the way that current jailbreaks are installed makes it very obvious that you are doing something not officially sanctioned by Apple. Some of the earliest jailbreaks were of the "visit this website and click this button to jailbreak" style, and I'm glad that these were patched... there was too much potential for driveby attacks on unsuspecting users. However, evasi0n requires the user to download a binary to their computer, boot the phone in DFU mode through a series of button presses, and wait through several restarts. Not only is it obvious that you are jailbreaking, but the process is just complicated enough to discourage many casual users from attempting it.

I can compile and install my own apps without going through the store. You just have to have a developer account (which is not very expensive).

I've heard that argument phrased as "if you can afford several hundred dollars for an iPhone, you can afford $99 a year for a developer account." It's not just about the money, it's about me objecting to a company that acts as a gatekeeper to a device that I own, and that expects me to pay a yearly toll to access some of the functionality of that device... access that could be revoked for any number of reasons with no recourse.

No. (5, Insightful)

Anonymous Coward | about a year and a half ago | (#43221811)

Fuck no.

For fucking millionth time, the only way to not deliberately collaborate with restricting user freedoms is to not fucking buy the restricted stuff in the first place.

You buy DRM'ed shit - you give the DRM producer money. The fact that you intend to use hacks to circumvent the DRM later only sends a clear message: "We're doing fine, we just need to clamp down on them hackers harder".

This is not fighting for freedom, this is entitlement complex. I could somewhat understand looking to break DRM when non-DRM media in some class is nonexistent or virtually nonexistent - like in DVD video case, but not in cases like smartphones or, say, videogames. You're not entitled to it. Just say "fuck you" to them and their shiny toys and go play elsewhere - the playground is huge and alternatives are plenty.

Re:No. (0)

Anonymous Coward | about a year and a half ago | (#43222099)

Well said. Fuck apple until they allow us to do what we want with something we purchased.

Re:No. (0)

Anonymous Coward | about a year and a half ago | (#43222179)

Fuck no.

For fucking millionth time, the only way to not deliberately collaborate with restricting user freedoms is to not fucking buy the restricted stuff in the first place.

Flawed premise, not only are we entitled to un-DRM the restricted stuff, we are entitled to get it for free nobody should have to pay for content.

Re:No. (1)

sacrilicious (316896) | about a year and a half ago | (#43224029)

I'm entitled to tell you to fuck off.

"Voting with your dollars" (1)

stud9920 (236753) | about a year and a half ago | (#43224423)

The problem with "voting with your dollars" is that the ballot is not accurate enough. If you decide not to buy the last Michael Bay Bluray, is it because of the DRM ? It might as well be because of too many overlong 1.5 seconds sequences. In fact, it statistically is, as for every one person complaining about the DRM, there are ten who just wanted more sfx

Re:FFS (1)

dreamchaser (49529) | about a year and a half ago | (#43222729)

The responsible thing to do for those who are against Apple's walled garden is to not buy or use iOS devices and not producing any software that enables others to do so.

Re:FFS (1)

Spy Handler (822350) | about a year and a half ago | (#43225363)

How are they going to produce jailbreaks if they report it?

It would be irresponsible of them to deliberately collaborate with restricting user freedoms.

Apple hates us for our freedoms!

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43226155)

Yeah; Apple is the Morgoth, the First Evil, the Cthulhu, the Sith Emperor and the Voldemort of the IT world. It wants to brainwash you into the Cult of Jobs, control you by every device you own, know your thoughts before you do and crush all alternative sources of products. Oh yeah, and have Balrogs. Balrogs are cool.

Re:FFS (-1)

Anonymous Coward | about a year and a half ago | (#43221497)

And Wang says that he and his fellow hackers still have bugs in reserve for a new jailbreak, although they plan to keep them secret until the next major release."

****ing assholes.

If you know about a security flaw, you should report it so they can be fixed.

This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.
But hey, people want shiny idevices without the idevice's restrictions. So the fucking assholes aren't the hackers, the fucking assholes are the consumers buying into Apple's bullshit. You buy into the Apple ecosystem, you get the shit together with the shiny.

Re:FFS (1, Flamebait)

satuon (1822492) | about a year and a half ago | (#43221543)

This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.

If they didn't know what people wanted I'm assuming they wouldn't be selling so well.

Re:FFS (2)

D'Sphitz (699604) | about a year and a half ago | (#43221735)

This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.

If they didn't know what people wanted I'm assuming they wouldn't be selling so well.

If people were happy with their devices being locked up and restricted I'm assuming 18 million of them wouldn't have used this jailbreak in a little over a month. That number seems like it includes a lot more than just geeks and hobbyists.

Re:FFS (1, Interesting)

BasilBrush (643681) | about a year and a half ago | (#43222613)

I think it mostly includes kids who want to pirate stuff.

Re:FFS (4, Insightful)

SternisheFan (2529412) | about a year and a half ago | (#43221765)

This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.

If they didn't know what people wanted I'm assuming they wouldn't be selling so well.

Apple obviously doesn't know what at least 18 million, 200,000 of their customers want.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43221953)

This wouldn't be needed had Apple not been Apple. You know the whole "we know better than you what you want" motto.

If they didn't know what people wanted I'm assuming they wouldn't be selling so well.

Apple obviously doesn't know what at least 18 million, 200,000 of their customers want.

The install base of iOS is 300 million plus. Also, how many of those 18 million, 200.000 are unique device jailbreaks and how many are dupes? It seems to me that most iOS users don't bother to jailbreak. Those 18 million are certainly not many enough to force Apple to and abandon jailing.

Re:FFS (2)

D'Sphitz (699604) | about a year and a half ago | (#43222113)

The install base of iOS is 300 million plus. Also, how many of those 18 million, 200.000 are unique device jailbreaks and how many are dupes? It seems to me that most iOS users don't bother to jailbreak. Those 18 million are certainly not many enough to force Apple to and abandon jailing.

18 million people sought out and used the jailbreak, that's significant because this isn't something they can just go get at the app store.

For every one of those 18 million how many others do you think didn't because they didn't want to void their warranties? Or they (rightfully) didn't want to risk installing malware or bricking their phone by blindly installing some hack from an unknown 3rd party? Or they didn't feel comfortable or technically competent enough to mess with the core software of their device?

And then consider all of the people who would have used the jailbreak but simply didn't learn about it during the 6 weeks of its existence.

Re:FFS (1)

Anonymous Coward | about a year and a half ago | (#43222273)

The install base of iOS is 300 million plus. Also, how many of those 18 million, 200.000 are unique device jailbreaks and how many are dupes? It seems to me that most iOS users don't bother to jailbreak. Those 18 million are certainly not many enough to force Apple to and abandon jailing.

18 million people sought out and used the jailbreak, that's significant because this isn't something they can just go get at the app store.

For every one of those 18 million how many others do you think didn't because they didn't want to void their warranties? Or they (rightfully) didn't want to risk installing malware or bricking their phone by blindly installing some hack from an unknown 3rd party? Or they didn't feel comfortable or technically competent enough to mess with the core software of their device?

And then consider all of the people who would have used the jailbreak but simply didn't learn about it during the 6 weeks of its existence.

I'm a computer scientist, I know how to jailbreak iOS, I could even develop my own jailbreaks If i was inclined to spend enough of my spare time on it but I still haven't jail-broken my iPhone or iPad simply because so far I have been perfectly satisfied with the software selection on iTunes (heretical I know but there it is). The only thing that could possibly motivate me to jailbreak/root my iDevices is (a) Apple disables the ability to import mp3/mp4/pdf files or (b) I get curious enough about the inner workings of iOS that I want to examine it's guts with trace utilities and a hex editor. To be fair, in case (a) I'd probably switch to Android rather than put up with the hassle of jailbreaks that are only available for short periods until Apple blocks them. The bottom line is that 90% or so of iOS users are perfectly happy without jail-breaking their devices and you just listed a whole slew of reasons why. They only way Apple is ever going to tear down the walls around it's garden is if jail-breaking rates top 70 or 80%.

Re:FFS (1)

Anonymous Coward | about a year and a half ago | (#43222417)

Well I know several iphone owners and only 2 who jailbreak (not myself). The reason is simply: access to pirated stuff. Nothing to do with freedom. They agree that for them the stock library is more than good enough. I've heard that before that piracy is a big interest for many jailbreakers.
Myself I find it strange that it is ok to buy an excellent but expensive gadget, and then find the few dollars for the occasional app purchases too much.

Re:FFS (1)

D'Sphitz (699604) | about a year and a half ago | (#43224675)

So you're extrapolating the anecdotal evidence from your two acquaintances to 18m+ other people?

Re:FFS (1)

Roogna (9643) | about a year and a half ago | (#43224813)

The catch is that while sites like /. are full of people who are vocal about caring, most of the customer base just simply doesn't. Hell, I highly doubt it's actually 18 million people. Given that for instance I'd be counted in that number, except I don't jailbreak my current device. I only jailbreak older devices just to mess with it.
Plus a lot of those are going to be the same people jailbreaking multiple devices.

But lets assume for a second there really are 18 million customers who jailbreak: Then those 18 million customers should tell Apple. If all 18 million customers legitimately (I mean, don't spam, be polite) emailed Tim Cook asking for Apple to add a "Root" mode on the phones, you might just get policy change.

But no, people mess around with it because it's available, but very few seem to make purchase decisions based on it's availability. Apple is going to close these security holes, because they are security holes that are now known to everyone.

Re:FFS (5, Interesting)

AK Marc (707885) | about a year and a half ago | (#43221849)

I jailbroke my idevices because the ones I have can't be unlocked any other way. It was just the carrier locking I wanted around.

Re:FFS (4, Insightful)

SimonTheSoundMan (1012395) | about a year and a half ago | (#43221499)

I hate it when people cry foul when Apple patches a jailbreak method. I find visiting a web page or opening a PDF that can root your device then automatically installs binaries and run them without user intervention that has full access to your whole phone quite worrying.

I do wonder if someone has maliciously used a jailbreak methods on their own web site, installing binaries remotely without the user knowing, and then taking data. How do you find out if this has happened?

Re:FFS (3, Interesting)

Anonymous Coward | about a year and a half ago | (#43221641)

The exploit used by evasi0n to gain root is a missing permissions check in USB backup/restore.
So unless your web page or PDF somehow magically plugs a iPhone into a properly prepared host... nope.

Re:FFS (0)

theVarangian (1948970) | about a year and a half ago | (#43222035)

I do wonder if someone has maliciously used a jailbreak methods on their own web site, installing binaries remotely without the user knowing, and then taking data. How do you find out if this has happened?

The exploit used by evasi0n to gain root is a missing permissions check in USB backup/restore. So unless your web page or PDF somehow magically plugs a iPhone into a properly prepared host... nope.

I'm pretty sure you can root iOS (or any other mobile OS) using vulnerabilities that do not require the device to be USB connected so his point still stands.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43222219)

Then they should fix those, instead of the ones that can only be used if you already have physical access to the phone.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43222685)

Then they should fix those, instead of the ones that can only be used if you already have physical access to the phone.

No, they should fix all vulnerabilities that are discovered over a reasonable expected lifespan of the device and that goes not just for Apple but also Android device manufacturers who orphan devices inside of a year after launch.

Re:FFS (2)

tlambert (566799) | about a year and a half ago | (#43221725)

I hate it when people cry foul when Apple patches a jailbreak method. I find visiting a web page or opening a PDF that can root your device then automatically installs binaries and run them without user intervention that has full access to your whole phone quite worrying.

At least with the iPhone and other Apple devices, all but the original tiff bug for jailbreakme.com have required installing a jailbreaking software package and cabling the device to your computer in order to accomplish the jailbreak.

You can get malicious software through the approves install channels very rarely (Apple generally disallows PhoneGap type software, which requires a captive custom UIView in order to cause problems via DNS redirection), so you mostly see malicious software in places where the markets consist of "install any software from an untrusted source after it has been downloaded from a trusted source, and then trojaned". In other words, typically Asian Warez sites that claim to let you download iApps that would normally have a higher price tag if you got them through the App store.

I have seen a lot more malware coming out on Android platform devices through nominally legitimate channels, since anyone can sign an app and run their own App store for Android. So the walled garden you are admiring in Apple is somewhat helpful in one way, but typically very harmful in others, in terms of editorial content.

Philosophically, jailbreaking should be, and should remain legal. Minimally: I paid for the atoms in that phone, and those atoms will damn well do what I tell them to without intermediation by a third party who has no business telling me what to do with my atoms.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43223299)

Does Apple force upgrades on you? I don't believe it does but I don't own the device so I could be wrong. Also is jailbreaking illegal? In the US it is legal.

You bought the device with the limitations of the device well known and the likelihood of a jail break well known. Apple has said "here is a re-ording of some atom you can use; these features will stop working when you do". The "third party" is not telling you, it is suggesting and being clear about what what it suggestion means.

Next time don't be so stupid in buying a device you KNOW the seller will suggest atom-re-ordering that will break features you want.

Re:FFS (1)

knarf (34928) | about a year and a half ago | (#43224819)

I have seen a lot more malware coming out on Android platform devices through nominally legitimate channels, since anyone can sign an app and run their own App store for Android. So the walled garden you are admiring in Apple is somewhat helpful in one way, but typically very harmful in others, in terms of editorial content.

First off, I doubt that you've seen that malware for Android. You've heard about it from others. Many of those 'others' who keep on claiming Android is about to be taken over by malware also happen to sell a trinket or two to ward off those bad apps.

Second, Android offers something which iOS does not: the option to install software without going through an 'app store'. If you are happy inside the confines of the 'app store' there is no need to enable this option. The chance of getting any malware on your device will be quite similar to that of any iOS user - probably slightly higher given the less restrictive policies governing this market when compared to the iOS app store but still so low as to be insignificant.

For those who feel the need for more freedom the options on iOS are limited. You can 'jailbreak' the device and install whatever you want. In that case the iOS device is actually more vulnerable to malware than an Android device since Android at least enforces the permissions requested by installed apps and tells the user which permissions apps require. You'll also incur the wrath of Apple who'll do their best to disable the 'jailbreak' on update, refuse warranty service, refuse 'Genius' service (no big loss, that) and make upgrading the OS a haphazard process.

The Android experience is a lot better here: select the option to install 'untrused apps', acknowledge the warning about doom and hellfire awaiting on that end of the street and install away. After installing an 'untrusted' app you can disable this option again, the app will keep on working.

Re:FFS (5, Insightful)

sFurbo (1361249) | about a year and a half ago | (#43221535)

This would clearly be the case if Apple did not insist on locking down devices in ways the consumers don't want. If there were, say, a menu option for "allow installation from unknown sources", there would be no excuse for sitting on bugs. As it is now, it is muddier: On the one hand, it is a security flaw that should be patched. On the other hand, it is a way to ensure that they can keep using their hardware in the way they want to.

Of course, the easy way around the dilemma would be to insist on only paying money for hardware you actually own, not quasi-lease, which is the only option Apple wants for iOS hardware.

Re:FFS (0, Troll)

Anonymous Coward | about a year and a half ago | (#43221571)

" in ways the consumers don't want." Ah, but the majority of the users want it (me included).
I think its great arrangement, those who wan't to hack jailbreak (and provide free bug hunts for Apple) and those who don't just use the device as is.

Re:FFS (2, Interesting)

Anonymous Coward | about a year and a half ago | (#43221707)

Bullshit. Most users are perfectly happy with the device. A few - very few, though vocal on this site - wants to do something they were never promised, and those few put the majority in danger. Granted, chances are, the flaws would not be know currently otherwise, but sitting on a flaw for your egoistical reasons is a bad reason.

Re:FFS (0)

BrokenHalo (565198) | about a year and a half ago | (#43222857)

Bullshit. Most users are perfectly happy with the device [...] but sitting on a flaw for your egoistical reasons is a bad reason.

Hmmm. OK, so a minor correction here: most Mac users are happy with the device. Sure, Apple might have originally spearheaded the current smartphone genre, but they are now trailing in the dust of Google and Samsung because they have done no innovation whatsoever in the last 5 years, other than to make their product skinnier.

Re:FFS (0)

Anonymous Coward | about a year and a half ago | (#43221713)

This would clearly be the case if Apple did not insist on locking down devices in ways the consumers don't want. If there were, say, a menu option for "allow installation from unknown sources", there would be no excuse for sitting on bugs.

Have you looked into ad-hoc and enterprise deployment of apps on iOS? Both of those allow installation from unknown sources (actually, any URL on the internet).

Sure, the binary still has to be signed by a certificate that has been signed by Apple, and Apple maintains a blacklist of revoked certificates, but if you sign up for a developer account (dirt cheap compared to your monthly phone bill) there is nothing stopping you from deploying your own apps on your own device.

You don't even need to have the source code for the app you're deploying, you can sign any binary with your certificate and install it.

Re:FFS (1)

watice (1347709) | about a year and a half ago | (#43222313)

Don't you have the option to remain jailbroken, jailbreak, or not update to the newest iOS at any given time to keep your JB? If Cydia apps are worth more to you than the increased functionality/methods for appstore apps, then your path seems rather obvious.

Re:FFS (1)

sFurbo (1361249) | about a year and a half ago | (#43222517)

True, but the discussion was about whether to report security flaws, or to keep them secret in the hopes that they can be used to create jailbreaks when the flaws present exploited have been fixed. That, of course, leaves the last sentence in my GPP as little more than an incoherent rant. Ah, well, it was early when I wrote it, and I clearly hadn't had enough coffee.

Re:FFS (1)

jittles (1613415) | about a year and a half ago | (#43222699)

Don't you have the option to remain jailbroken, jailbreak, or not update to the newest iOS at any given time to keep your JB? If Cydia apps are worth more to you than the increased functionality/methods for appstore apps, then your path seems rather obvious.

Until your device requires a warranty replacement, it fails, falls in the toilet, or whatever. Apple is militant about selling devices with the latest iOS version. You'd have to find a store that hasn't been restocked prior to the last update to avoid having the latest and greatest iOS on your device. So that isn't the perfect solution. It works for most people, most of the time, however.

Re:FFS (1)

Anonymous Coward | about a year and a half ago | (#43222733)

This would clearly be the case if Apple did not insist on locking down devices in ways the consumers don't want. I

...in ways a minority of consumers doesn't want. The vast majority just don't seem to give a shit about jailbreaking.

Re:FFS (2)

mwvdlee (775178) | about a year and a half ago | (#43221547)

They did.

The security flaws were hurting iOS users, so they reported them using their tool.

The reason security flaws are reported is in order to protect the users, not the vendor.

Applefan motto: Do as I say not as I do (-1, Flamebait)

Anonymous Coward | about a year and a half ago | (#43221481)

I'm amazed by how many Appletards herald the one true way, only to jailbreak the idevices behind Apple's back.
I'd wish Apple would just make the idevices jailbreak proof. Then lets see wether the Appletards would choose between the one true way and freedom.

Re:Applefan motto: Do as I say not as I do (0)

Pi1grim (1956208) | about a year and a half ago | (#43221505)

They'll just say, that everything's fine the way it is and noone need to actually be in control of the device they're using. In most cases in seems that iDevices are smarter than their owners anyway, so it just might be better for them if the device is in charge.

Re:Applefan motto: Do as I say not as I do (1)

Anonymous Coward | about a year and a half ago | (#43221591)

Its apple tart! http://en.wikipedia.org/wiki/Apple_pie Not Appletard, that not even a word.You Slashtard!

Thought Jailbreaking was legally allowed? (1)

nickserv (1974794) | about a year and a half ago | (#43221623)

I thought it was only unlocking a phone to use it on any carrier that recently became "illegal" due to a change at the library of congress.

IIRC there was a court case or some legislative action a year or 2 ago that made it illegal for manufacturers to stop people from jailbreaking their phones.

How is Apple geting around this, assuming I'm not misinformed? If they are just "fixing bugs" they should have the "Allow apps from anywhere" option that sFurbo mentioned above long ago!

This is written on a MacBook but I have less love for Apple every day. It's like an old marriage that's jumped the shark.

Re:Thought Jailbreaking was legally allowed? (0)

Anonymous Coward | about a year and a half ago | (#43221665)

Jailbreaking maybe allowed, but they do use security exploits to accomplish it. You don't want your phone vulnerable to malware either. The speed at which apple fixes the holes likely (hopefully?) corresponds to how serious they are as a malware vector.

Obviously the iPhone (and many 'droid handsets) needs an unlocked bootloader. Then this nonsense goes away.

Re:Thought Jailbreaking was legally allowed? (2)

skovnymfe (1671822) | about a year and a half ago | (#43222361)

It may be legal to jailbreak, but why should that stop Apple from patching security flaws in their software? If Apple doesn't provide a jailbreak feature built-in to their phones, jailbreakers have to rely on security flaws - flaws that may be patched at any given point in time.

The Customer is always right, damn it! (1)

Anonymous Coward | about a year and a half ago | (#43221705)

When *I* pay $700 for a phone, it will be used the way *I* want to use it, not the way the company I bought it from recommends. Shit, they go beyond simple recommendation, they FORCE me to use it their way. Kudos to the jailbreaking teams around the world for giving me what the company that sold me the product failed to give me.....freedom.

It's pretty simple, really. If you are that concerned about their security flaws, then upgrade. As a developer myself, I can guarantee you that there are more bugs/flaws that have not been addressed. If not, or you wish to handle YOUR device's security yourself, like I do, stick with a version of iOS >=6.1.2.

In my opinion, jailbreaking is worth it simply to run the iBlacklist app, if nothing else. That, and the ability to block the never ending onslaught of ads that are eating up my "unlimited" data plan. Like I stated, it is MY fucking phone. If I do not want to be bothered by telemarketers, politicians trying to solicit money, debt collectors (who mainly call my number because it is still linked to whoever's number this was before I had it, and didn't bother to update their database when I politely explained, the first 100 times, that this is no longer Alejandra Gomez's number), and anyone else I deem worthy of my shitlist, I should have that ability, because neither Apple, nor my carrier provide me with it.

And, to whoever posted it, jailbreaking is NOT illegal. Unlocking is currently (in the US), but the Obama squad is on that.....supposedly.

Re:The Customer is always right, damn it! (0)

Anonymous Coward | about a year and a half ago | (#43222037)

Paying 700$ for a computer and its OS, you could expect it to prevent privilege escalation. Since Apple has knowledge of security bugs, they are right to publish patches to fix these issues.

Re:The Customer is always right, damn it! (0)

Anonymous Coward | about a year and a half ago | (#43222107)

Sadly you did not PAY $700 for your phone... Come on back when you have.

Re:The Customer is always right, damn it! (1)

jones_supa (887896) | about a year and a half ago | (#43222121)

When *I* pay $700 for a phone, it will be used the way *I* want to use it, not the way the company I bought it from recommends.

Yeah but, you would also expect a $700 phone to do everything out of the box so that there is no need to jailbreak and modify it yourself.

Re:The Customer is always right, damn it! (0)

Anonymous Coward | about a year and a half ago | (#43222287)

I doubt that you are a developer when can't even get right.

"stick with a version of iOS >=6.1.2."

stick with a version of iOS =6.1.2.
There fixed for you, you pseudo-dev.

Re:The Customer is always right, damn it! (0)

Anonymous Coward | about a year and a half ago | (#43222325)

damn slashdot html filter....

Re:The Customer is always right, damn it! (0)

Anonymous Coward | about a year and a half ago | (#43222935)

When *I* pay $700 for a phone, it will be used the way *I* want to use it, not the way the company I bought it from recommends.

Sure, then don't buy from Apple, buy OTHER $700 phones. How fucking hard is that?

You insisted on banging your head against a walled garden, and expect the wall to give first?

Do you also go to Disneyland and insist they let you setup camp overnight like you can do so in the country side?

There is a very simple solution to this (0)

Anonymous Coward | about a year and a half ago | (#43221821)

Stop buying their products!

So why are they not.... (1)

Lumpy (12016) | about a year and a half ago | (#43222085)

Cracking the Apple TV 3? I can not believe that that platform is completely secured from hackers.

Jailbreaking is a real issue... (0)

c.r.o.c.o (123083) | about a year and a half ago | (#43222667)

I hope Apple manages to patch every single bug that would allow jailbreaking. They had a pretty good run with the iPhone 4s and 5, clocking in at 98 days and 136 days respectively.

Too many people buy iOS devices based on the premise they'll be able to jailbreak them in order to make full use of the hardware they bought. And that rewards Apple and its walled garden model, which is beyond broken. Sadly many consumers are too complacent, lazy or stupid to care they are only renting their iPhone or iPad. In 2013 I am not buying the "It just works" mantra, because many other devices just work better. However if even a fraction of those 18 million jailbreakers had opted for more open alternative, the marketplace would look very different right now.

At the very least, it would have forced Apple to reconsider their stance on the walled garden. If say 5 million of those 18 million people did NOT buy a new iPhone, on top of those opting for Android, BB or WP anyway, Apple would leave at least at least $2.2 billion on the table for competitors*. I have a feeling though that is already happening, as Apple's growth has slowed, and their share price has plummeted in the past few months.

Since this is slashdot, I know the Nokia N900 still has a cult following. Imagine if Nokia had been rewarded for its N900 by people buying it instead of jailbreaking their iPhone 3Gs? Identical hardware specs, but sooooo many more features in a completely open garden. We may have continued to have real Linux phones, with QT apps and repositories instead of the JVM garbage we currently consider the best alternative.

* Profit margins on the iPhone 5, similar to the 4s: http://www.zdnet.com/iphone-5-16gb-costs-an-estimated-207-to-build-7000004476/ [zdnet.com]

Apple loves them numbers in their keynotes (1)

TheSkepticalOptimist (898384) | about a year and a half ago | (#43222715)

Billions of songs donloaded
1 million applications available
18 million Jailbreaks.

Priceless.

Biased article - it fixes passcode bug (2)

tlhIngan (30335) | about a year and a half ago | (#43224523)

Apple didn't release the patch "to break the jailbreak", but to solve a more severe bug - that someone can take your locked phone and break into it.

Fixing the jailbreak (it was fixing one of the many exploits it relied on) could have been a side effect, or on purpose, but the main fix was to fix the damn privacy flaw.

Of course, everyone concentrates on the jailbreaking aspect, and not the real reason for the fix that everyone knew was coming (and has been demonstrated weeks ago).

Re:Biased article - it fixes passcode bug (1)

socialleech (1696888) | about a year and a half ago | (#43225091)

I get the feeling that both options are correct.

Apple gets to fix a 'security bug', and make it so a jailbreak no longer works. This makes them look good(tough on security), and keeps the walls up. As your casual user who knows just enough to *want* other software(or, say enabling tethering on an iDevice with it disabled?), but not enough time/knowledge to find the latest jailbreak, will just keep it stock.

Those 18m downloads are the people that:
1) Own an iDevice
2) Updated this month
3) Needed a new jailbreak
4) Took the time to find it

That a lot of iDevice users.. I wonder if this had not been patched, how much higher this number could have been in another month.

iOS (0)

Anonymous Coward | about a year and a half ago | (#43224701)

I had few Android devices. From 2.3.7 phone and table to a tabled with 4.1 version. I am sorry to say that they are just crude in comparison to iOS. Only thing I wish iOS had was the ability to not use stupid iTunes for MP3 adding. I hate the iTunes. The rest of the software is great and reliable. Not the same can be said about the Android even the base apps.

Best reason to jailbreak (0)

Anonymous Coward | about a year and a half ago | (#43225629)

Is to make sure Facebook integration is comletely disabled...

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?