Most iPhone and iPad users are perfectly happy with the software on the device as it is shipped by Apple.
A minority, however, prefer to open up their devices. By doing this, they can:
* Run applications and extensions not approved by Apple.
* Download software from alternative appstores, without tying those downloads to an Apple account.
* Access all the files and configuration data on their device directly, in order better to understand and secure it.
Liberating your device sounds like a great idea, but this behaviour has been stigmatised amongst corporate users.
Firstly, the action of removing artificial security restrictions is known as “jailbreaking,” making it sound like a doubly-dangerous criminal act. (Since only crooks are supposed to be in jail in the first place, jailbreakers are not only criminals, but recidivists to boot.)
Secondly, jailbreaking opens up the less security-savvy user to additional risks. Some jailbreakers don’t take on the additional responsibility which goes with the increased power over their device. That’s how the now-infamous iPhone viruses Ikee and Duh were able to spread.
Thirdly, jailbreaking isn’t supposed to be possible. So every jailbreak relies on you exploiting a software vulnerability to escape from Apple’s artificial strictures. That means you have to trust the creators of the jailbreak not to abuse the exploit you’re choosing to run against your device.
The flipside, of course, is that those who don’t jailbreak their phones are trusting Apple not to leave the sort of exploitable hole that would permit crooks to break into the internals of their device.
And Apple hasn’t been terribly trustworthy on that score. Despite a solid commercial reason for keeping its devices secure – namely, that an unjailbroken device can only shop at the Apple AppStore – few of Apple’s operating system versions stay safe for very long.
Early in July, the JailbreakMe site published an automated, on-line method for opening recent iDevices running iOS 4.3.3.
(The jailbreakers also provided a patch by which you could close the remotely exploitable hole, for your own safety, after jailbreaking.)
Apple, to its credit, caught up within two weeks with an iOS update to version 4.3.4, closing the hole used by JailbreakMe.
But the jailbreakers claim to be back in already. By all reports, the latest jailbreak doesn’t work for iPad2 users, and it can’t be done simply by visiting a website.
You need to plug your device in to a computer, in what’s called a “tethered” jailbreak, and you need to re-jailbreak it every time you reboot.
Nevertheless, Apple’s latest security fix has been circumvented already.
With this in mind, the tricky question becomes, “Whom should I trust more: Apple or the jailbreakers?”
I can’t answer that question – and if your iDevice is provided by your company, you shouldn’t try to answer it by yourself.
Perhaps the best way to approach the issue is to rephrase it more equivocally, in the manner of Google, which sets out not to be evil, rather than actually to be good.
So, if you’re thinking of jailbreaking, ask yourself, “Do I distrust the jailbreakers.” If not, then jailbreaking may be for you. Just be sure to read all the security guidelines associated with the process, and be sure you have the explicit permission of the owner of the device.
PS. I have an iPad. It is jailbroken.
Leave a reply
