Today Apple released patches for its iOS that address a security hole in Mobile Safari, which allowed users to jailbreak their iDevices. The PDF exploit they used also allowed hackers to gain remote control over the device with an iOS.
You can update your device via the links above or simply by connecting your device to iTunes and clicking Update. But note, if you want to continue using jailbreak you should not update your handset/tablet and don't forget to backup your SHSH blobs.
Now adding Flash to your iPhone and iPad is very easy. Apple didn't want Flash to be on their devices. Several hackers created a project Frash - a Flash port for iPhone and iPad. Today it is available as a package in Cydia. To install follow these steps:
The Flash port project is called Frash. Recently it became available for iPad, now iPhone users can install it on their devices. Of course you need to jailbreak, since Apple doesn't support Flash in iDevices.
Credits go to hackers Comex for the Frash port and Grant Pannell for iPhone 4 compilation.
There is a big a security hole in iPhone iOS. The device is insecure in a big and obvious way. You should be extremely careful of what sites you visit.
The FlateDecode vulnerability can be used when a PDF File is embedded within a Web page. Basically Safari tries to parse the PDF. And when it does it executes some code. Hackers can use this exploit to read and write iPhone data, get your contacts, sms, even delete something. So they can get all kinds to access your personal information stored on your iOS device.
Apple will fix it some day. Until then you need to take care of your iPhone security. There is a fix for that. It is available via Cydia for jailbroken devices. So you need to jailbreak in order to secure (funny isn't it?).
Recently Vupen, which is a French security firm, posted an advisory that contained information about two critical security vulnerabilities in Apple's iOS. After a while hacker comex used these flaws to create a jailbreak, which is now widely known and available on JailbreakMe.com.
But according to Reuters, yesterday Apple decided to react and its spokeswoman Natalie Harrison revealed that the company is currently investigating Vupen's advisory. So it looks like these exploits are going to be fixed soon!
Starting today every owner of iPad, iPhone or iPod can easily jailbreak his device via browser on http://jailbreakme.com/
The site was created in a week after decision of the Library of Congress (that operates the Copyright Office), which states that jailbreaking isn't illegal, though Apple claims it actually represents a threat to the stability and security of the company's devices. Apple also says that jailbreaking voids the warranty, but such an action can be easily undone by resetting a device to the default factory settings.
Site JailbreakMe.com easily became a trending topic in Twitter after its announcement on RedmondPie.com. The jailbreak itself was created by hacker comex, and the website was done by chpwn and westbaer.
As you remember, few weeks ago iTunes Store was hacked and the top list of the Books category had been filled with a bunch of obscure books. That was achieved by a number of unauthorized charges that were made on accounts of several iTunes users, who eventually lost few hundred dollars. In turn Apple deleted developers who were found to use the fraudulent purchases.
These days Apple added new layer of security which now require every user to enter the security code of their credit card each time they register a new device or computer with their account, according to Different District blog. So if earlier malicious user just needed to guess a password for the account in order to receive and/or resell the acquired information to fraudulent buyers, after Apple’s security innovation it will require more efforts to do that.
MuscleNerd, hacker from DevTeam, commented via twitter on recent rumors that universal jailbreak (all iPhones and all firmwares, including iPhone 4 and iOS 4.0.1) will be released today. The basic answer is no, there will be no jailbreak today.
Not to make it a daily thing, but since somehow people thought it would be today: the new JB+unlock won't be out today
(there are issues with important apps like Facetime that need to be figured out...no sense releasing a half-broken JB)
Jay Freeman, better known as Saurik, the creator of Cydia, was interviewed by the home radio Make It Work. He speaks about the history and the future of the iPhone jailbreak.
Saurik describes the origins of Jailbreak and Unlock for the very first model of the iPhone. Jay explains that initially there were two important things to do with the iPhone 2G - to use other carrier than AT&T and to install any application.
He continues discussing the main applications from Cydia. Cycorder was the first to allow video recording, and Winterboard was the only one that allowed users to change the graphical interface of the iPhone. He also speaks about Comex, the hacker who is currently working with the Dev Team for releasing and Unlock for the iPhone 4. According to Saurik the tool is still not ready to be released to the public due to severe bugs in the code. Here the second part:
Run RedSn0w and point it at the 4.0 IPSW. (Yes – point it at the 4.0 IPSW even though you're at 4.0.1). This will also hacktivate your iPhone3G at 4.0.1 if you haven't already been activated by iTunes.
Install ultrasn0w in Cydia (add repository http://repo666.ultrasn0w.com) if you need a carrier unlock (and in the USA, remember to turn off 3G mode in Settings→General→Network).
Geohot closed the iPhone blog that he used to announce and release jailbreaks and unlocks over the past few years. The site now says "This blog is open to invited readers only". Yesterday he posted his last public blog entry.
Geohot has also now shut down his Twitter account which has 113,761 followers. Visiting the account now says "This person has protected their tweets".