Thursday, August 5, 2010

iPhone Jailbreakme.com Exploit - Dangerous?

In the last week or so a group developed a web page that would jailbreak almost any iPhone just by navigating to that page. This reduced the process of jailbreaking into the realm of absolute simplicity. All that was needed was one swipe to confirm the action and it just happened.

This was made possible by a security hole in the code that processed fonts inside PDFs or Acrobat Reader files. I call this a security hole because it is an unintended action by code that is there to serve quite a valid purpose. This only becomes a security hole if it does something that some person does not want it to do. For instance, is an apparently harmless program that installs a virus a security hole or simply a malicious program? When you consider the whole gamut of possibilities on all consumer computer platforms, one man's security hole is another man's utility.

Let us look at this in context. The more a platform is able to do, the more it becomes subject to such exploits. The first exploit of this type I became aware of was way back in the 80s and the early days of the Mozilla browser. Executable code could be appended to a web address, and when the Mozilla browser loaded this web address the executable code went into an area of memory that caused it to be executed. As far as I know, no one ever used this to run malicious code, but it was the forerunner of many thousands, if not millions, of such exploits and has resulted in a huge underground industry targeted at MS Windows PCs.

In the early days of the PC, when MS-DOS ruled, viruses had to be introduced using floppies and then later using USB sticks. At that time they were no more than malicious. Later, when dialup was common, websites that could hijack your dialup connection and cause your modem to silently dial a premium number started to appear, but that was really the extent of it. Today there are many exploits and many types of malicious activity. The two most common and obnoxious are the key logger and the bot-net. The key logger records everything you type along with the web sites you visit and sends them to a central location. It looks for sites that you visit, such as banking and gaming, so as to collect your passwords and credit card details. The bot-net is just as insidious but far more powerful. It allows the owner of the bot-net to control millions of PCs and do things such as attack corporate sites. These bot-nets are hired out to criminal organisations to use for their nefarious purposes.

The thing is that these activities are common on PCs for the simple reason that there are so many of them, and it is easier to do this on a platform which has the majority market share. It is worth nobody's while to do this for the Mac or Linux or Solaris. There is hardly any point. The games that people play regarding which platform is "more secure" are rather petty and pointless. One million attacks on a PC as opposed to one hundred on a Mac makes the relative security games seem silly.

Now back to the iPhone. Sure, there is this ability to run code on the iPhone via this hole, but how many people do you know who own an iPhone and have actually had a malicious attack? Compare that with the number of people you know who have been affected by a PC virus. As far as I know there has never been a malicious attack on an iPhone despite the security holes that have appeared. The simple reason is that it is worth nobody's while when there is this huge plethora of PCs out there. It has nothing to do with the relative security of the platform.

In fact, on many platforms this type of facility is built in so as to make the user's life easier. Personally I would not care if this "exploit" was never fixed. It takes the likelihood of a malicious exploit from next to zero to ... well, perhaps almost nothing. Should users be afraid? No. Should users care? No. If you really want to feel safer, remember to look both ways before you cross the street.