If you’re into iOS jailbreaking, then you may have noticed a spiffy new item recently: Browser-based JailbreakMe 3.0 was just released this week, and it can handle the long-awaited untethered jailbreak of the iPad 2. That’s right — it hacks all iPads, as well as the other iOS 4.3.3-running devices (iPhone 4, 3GS and iPod Touch 3rd and 4th gen).
The official release follows an “Oops!” moment this weekend, when the exploit was accidentally leaked ahead of schedule. Since the official launch just a couple of days ago, the JailbreakMe.com site has been visited more than a million times, according to project contributor Grant Paul (@chpwn on Twitter). All a jailbreak hopeful needs to do is open JailbreakMe.com in Mobile Safari and tap a single button; a few seconds later Cydia is sitting on the home screen.
Of course, just because this is so simple a caveman could do it doesn’t mean there aren’t pitfalls. (In other words, if you attempt this, you do so at your own risk.) In particular, this exploit (courtesy of the well-known hacker Comex) is delivered as a PDF, and it has underscored a serious security vulnerability in iOS: the code that renders a PDF in Mobile Safari can be made to run arbitrary code, with nothing more than a tap on a link.
How serious is it? Enough to attract attention from the German government, namely Germany’s Federal Office for Information Security (BSI), which sent out an alert yesterday spotlighting the hole.
In everyday language, here’s the gist: the same Safari vulnerability that lets JailbreakMe work (a person taps a link, Safari renders a malicious PDF, and the attacker’s code runs) could just as easily be used by unscrupulous parties, because JailbreakMe is simply a benign payload for a bug that anyone can trigger. Combined with a second, privilege-escalation hole that BSI also cites (the one the jailbreak itself relies on to get from a Safari process to full control of the device), it could let an attacker harvest passwords, financial data and messages, as well as access the camera, tap calls and geolocate the user. Nothing needs to be installed first; visiting the wrong page is enough.
The pattern isn’t new. Last year’s browser-based JailbreakMe relied on a similar bug in iOS’s PDF rendering, and since then jailbreakers have been plugging that hole with a Cydia package called PDF Patch. A second version, covering the hole used by JailbreakMe 3.0, has been released alongside it.
And that’s the strange twist to this story: a jailbroken device with the patch installed is, for now, better protected against this bug than a pristine handset, which has no fix at all until Apple ships one. Apple has said it is addressing the vulnerability in the next update, iOS 4.3.4.
Once that update is out, JailbreakMe 3.0 will not work on devices running it. So if you’re interested in the exploit, take note before accepting the update.
And a final word of caution: if you do jailbreak using this or any other means, know that PDFs aren’t the only way attackers can get into your device. Jailbreaking itself doesn’t open any remote door, but the OpenSSH package many people install from Cydia does, and it accepts the well-known default password (“alpine”) for root and for the mobile account; earlier iPhone worms spread on exactly that. So right after you install PDF Patch 2, for goodness’ sake change the default root password (and the mobile account’s too). Instructions are listed directly in Cydia. Yes, it’s that crucial.
Got any other essential security or other JB tips for newbies? Please deposit them down below.
UPDATE: TB reader Mr. Redeemz (rightly) points out that Mobile Terminal doesn’t work on the iPad. Apparently people have been waiting for iPad compatibility for quite some time, since it would have made easy work of this. Unfortunately, they’re still waiting. For now, though, a couple of sites have piped up with their own solutions on how to deal with the situation. iSmashPhone has a workaround here. (You can ignore the references to a tethered jailbreak if you used the JailbreakMe.com method; this was an untethered hack.) iHackintosh has a simpler solution: “…for the time being you can turn off SSH when not required. Install SBSettings from Cydia so you can turn it off or on when you really require it…” I don’t vouch for these approaches, nor am I recommending that people jailbreak their devices, so if you try these or any jailbreaking tactics, you’re assuming any and all risks.
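As an added example (not from this post, from Cydia, or from Comex’s tooling), here is a small sh script that covers the two pieces of advice above: change the default passwords right after jailbreaking, and keep sshd off when you don’t need it, which is what the SBSettings toggle in the update does. It assumes a jailbroken iOS 4.3.x device with Cydia’s OpenSSH package, whose launchd job is /Library/LaunchDaemons/com.openssh.sshd.plist, and that root and mobile still have the default password “alpine”; dpkg, launchctl and passwd are the tools present on such a device. The function and variable names are mine.

```sh
#!/bin/sh
# jb_harden.sh: added example, not the post's or Cydia's own code.
# Assumes a jailbroken iOS 4.3.x device with the Cydia "OpenSSH" package
# (dpkg package id "openssh"), which installs the launchd job below and
# leaves root and mobile at the well-known default password "alpine".
# Run as root on the device, from a terminal app or an SSH session.

SSHD_PLIST=/Library/LaunchDaemons/com.openssh.sshd.plist   # assumed path
DEFAULT_PW=alpine

# Exit 0 if the OpenSSH package is installed (Cydia's backend is dpkg).
ssh_installed() {
    dpkg -s openssh >/dev/null 2>&1
}

# Exit 0 if launchd has sshd loaded, i.e. the device is listening on port 22.
sshd_loaded() {
    launchctl list 2>/dev/null | grep -q 'com.openssh.sshd'
}

# Pure helper: map the two checks (0 = yes, non-zero = no) to an exposure state.
#   no-ssh          nothing listens remotely; only local attack paths remain
#   sshd-listening  reachable over Wi-Fi; default passwords are an open door
#   sshd-stopped    package present but the daemon is unloaded
exposure() {
    installed=$1 loaded=$2
    if [ "$installed" -ne 0 ]; then
        echo no-ssh
    elif [ "$loaded" -eq 0 ]; then
        echo sshd-listening
    else
        echo sshd-stopped
    fi
}

# Reject the default password and anything under 8 characters; exit 0 if acceptable.
password_acceptable() {
    pw=$1
    [ "$pw" != "$DEFAULT_PW" ] && [ "${#pw}" -ge 8 ]
}

# Interactively set a new password for one account. passwd prompts on the
# terminal on purpose: piping a password in would leave it in shell history.
change_password() {
    user=$1
    echo "Setting a new password for $user (not $DEFAULT_PW, at least 8 characters)."
    passwd "$user"
}

# Stop sshd now and keep it off across reboots; sshd_on reverses it.
# This is the same load/unload of the launchd job that the SBSettings toggle performs.
sshd_off() { launchctl unload -w "$SSHD_PLIST"; }
sshd_on()  { launchctl load -w "$SSHD_PLIST"; }

main() {
    inst=0; ssh_installed || inst=1
    ld=0;   sshd_loaded   || ld=1
    state=$(exposure "$inst" "$ld")
    echo "state: $state"
    case $state in
        no-ssh)
            echo "OpenSSH is not installed; nothing is listening on port 22." ;;
        *)
            # Both accounts ship with the same default, so both get changed.
            change_password root && change_password mobile
            [ "$state" = sshd-listening ] &&
                echo "sshd is running; call sshd_off to stop it until you need it." ;;
    esac
}

# Only act when actually on the device (iOS reports Darwin); harmless elsewhere.
[ "$(uname -s)" = Darwin ] && main
```

Run it as `sh jb_harden.sh` from a root shell on the device. The exposure check is split out as a pure function so the decision logic can be tested off the device; the password check only vets a candidate you type into the script deliberately, since `passwd` itself does the prompting.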