Makes Sense...
"I removed the security of my device, and try to get apps from a (no doubt) piracy-oriented Chinese website, and now I'm vulnerable to malware" - well fancy that, who'd have guessed!?!
Users on a mobile phone hacking subreddit are being credited with the discovery of a malware infection targeting iOS users. The r/jailbreak community uncovered the infection while assisting a user who had been noticing unusual activity on his jailbroken iPhone. Known as 'Unflod Baby Panda', the infection targets jailbroken …
This post has been deleted by its author
"Does the device not have the functionality already built in that you want, and if not, why did you buy it then?"
No and I did buy it because a jailbroken iPhone is much smoother and likeable than a rooted android anyway.
So, having said that the right (and safe) way to have a jailbroken iPhone is to stay inside the official jailbreak tweaks store called Cydia and to avoid like a plague pirated stores and pirated tweaks (which will bring you viruses, diseases and google glasses) with a jailbroken iPhone you could achieve:
- Activator: which would let you to automate lots of functions like: auto switch off/on wifi and cellular data depending of yours location to save battery; secret gestures to bypass the passcode lock screen while with the official swipe you (or a thief) still have to get to enter the passcode (also modify the way you can power off the phone or the data so if someone steal your phone you'd be able to track it until the battery dies); activate functions via sms, activate location services only for certain apps (saves battery again), power up the control centre to add multitasking and functionalities without the pain in the ass to enter the setting menus if you only want to disable, for example, the cellular data (it saves time and energy damn apple!); night mode so you'll not get blind if you use the phone in a low light situation; ability to automatically put the volume down to a certain % when you plug the earbuds so you don't get deaf when the music starts (also let the music app to start at the same time if you like); remove all the stupid and annoying banners alerts like "cellular data is not enabled" "location improved if on wifi" when using maps, "battery is going to die" etc and put them in the top bar. Better handle of screenshots with personalised gestures, also the ability to avoid screenshots to ends up inside the icloud stream and maybe just copy them into the clipboard if you just want to past them into a message. Speaking about messages: quick freaking reply from anywhere without open the messages/whatsapp app! Ability to keep youtube in background and listen whatever you're listening while doing something else. Stock camera powered with functions like focus and exposure views / timelapse mode / timer mode and the ability to choose the quality/size and video frame rate; Custom spotlight actions so I can enter an appointment/reminder to Fantastical using a natural language directly from the spotlight without opening the app and press a billions of buttons; Last but not least (for myself) stops incoming calls to block whatever am doing and put the call notification on the top bar.
That's just a few ways a jailbreak would improve your iphone so much that having to handle a stock iOS again would be like having the dumbest experience ever afterwards.
Fixed the article title for you.
Here's the most recent iOS security white paper which shows the attention to detail Apple puts into the implementation of iOS security. Jailbreaking compromises it.
http://images.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf
"Here's the most recent iOS security white paper which shows the attention to detail Apple puts into the implementation of iOS security. Jailbreaking compromises it.
http://images.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf"
Yeah - what a ridiculous idea: wanting to use your iThang the way you want to rather than what is proscribed.
I'm not going to bother reading the pdf - I'm sure its really reassuring ... if you have no idea about software bugs or system security in general.
Get a grip.
Cheers
Jon
PS OK I will read the PDF ... (less than 10 mins edit time later) Ahh, I see this under VPN:
• PPTP with user authentication by MS-CHAPV2 Password and RSA SecurID or
CRYPTOCard.
Yep - that's reassuring. Just don't use it kids.
> Yep - that's reassuring. Just don't use it kids.
Well, you'll be happy to know that you don't have to. Besides PPTP -- because I guess some people still use windows servers as VPN termination points? -- iOS supports real IPSec and a myriad of other VPN types due to its pluggable VPN subsystems, so you're welcome to install Cisco AnyConnect or Juniper or ... you get the point.
"PPTP with user authentication by MS-CHAPV2 Password "
The mention of CHAP took me back to the nineties (I think, a long time ago anyhoo).
First hit for CHAPV2:
Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate
"Yeah - what a ridiculous idea: wanting to use your iThang the way you want to rather than what is proscribed."
Or is it a ridiculous idea to expect everything to be infinitely customizable? It's not necessarily a bad idea to use stuff the way it was designed to be used. I assume you use almost all the things you own the way the manufacturer intended. Or do you also e.g. log in to car forums to complain that you can't turn all the seats around in your car so you can conveniently drive it backwards down the highway?
Just because you can install a custom keyboard in Android doesn't mean it's a panacea. I owned a Nexus 4. There was no way to set it to vibrate while it was locked by using the hardware buttons. (I didn't want to have to turn the screen on and swipe around every time I wanted it set to vibrate.) You'd think there would be an app to accomplish this or a way to write a script, etc. But no. This simple, valuable feature that's on every iOS device is apparently impossible to duplicate with Android short of building your own distro. Same issue with automatically adjusting the volume depending on what kind of 3.5mm device is plugged in (microphone or no microphone). If I plug my phone into my car (no microphone) then I want a different volume level than if I plug in my headset... again, there's apparently no way to accomplish this basic feature with Android. So, have fun with all your customizability, which seems to mostly amount to being able to change the keyboard.
This post has been deleted by its author
This post has been deleted by its author
"Could it be Apple is finally at Critical Mass? CM being that point when users start messing things up for everybody? And the now cross-platform bad guys are waiting/working for that sweet sweet personal info? <applause>"
Yes because HARDLY ANYONE uses iPhones do they?
The fact that a single piece of malware on the -jailbroken- iOS platform is deserving of it's own news story should tell you a lot.
This post has been deleted by its author
"The point being missed is this: Proof of Concept. What was previously thought impossible becomes possible ... "
Proof of WHAT concept? According to this article, if you remove the security restrictions of iOS (by jailbreaking the device) then you can run software with no security restrictions (e.g., malware that does stuff you don't want).
Is that a "concept"? What we're really talking about here is "if A, then A."
You're trying to turn this into some kind of Apple security thing which it absolutely is not.
The fact that a single piece of malware on the -jailbroken- iOS platform is deserving of it's own news story should tell you a lot.
The biggest thing it tells me is that there are enough of these to be profitable. Either than, or this represents ongoing efforts to infect non-jailbroken devices. It is still all about the money.
Funny, that doesn't stop the tards in the peanut gallery coming out to attempt picking holes in a certain other phone OS that only seems to have malware problems when you break it.
And spreading through "Chinese iOS software sites"? Gasp, you mean unauthorised copies exist on Apple phones as well?
Well I'd have never thunk it.
Just happens that 3rd party pirate apps are where most will be.
It is easy getting malware into the app store, but at $100 per year Apple fee/tax only those aiming high will want to.
The bonus there is that IOS running low level code allows for lots of malware tricks.
Funny how you have to go quite far out of your way to compromise the security and integrity of IOS, yet on desktops (especially windows) it's a breeze. Seems any supposedly legit install on windows these days comes with spyware as standard.
update adobe and get a free unwanted copy of McAfee virus scan.
update java get a free unwanted browser toolbar
download any thing from download.com, tucows.com, cnet softpedia or any of the download sites and get a load of crap you don't want (these sites claim apps are virus and spyware free but then confuse you into downloading them anyway)..
the funniest thing is that the app you want might only be a few KB but the downloader is ~1MB.
think your clever and can just download the app you want and you find that that is just an app wrapper too.
just try and download 'wireless wizard' for an example.
if only M$ had a download site with apps guaranteed to be free of bloat, virus etc.
Funny how you have to go quite far out of your way to compromise the security and integrity of IOS, yet on desktops (especially windows) it's a breeze.
That's because desktop OSes, or as I prefer to call them, "real OSes", actually give you control of the device rather than locking root permissions away behind a manufacturer or vendor key, like iOS and Android both do.
Granted, Android's "walled garden" is more of a knee-high bit of trellis, but they're both basically locked down and locked up like some kind of games console. Oh yeah, and that Windows Phone thing, too.
Still waiting for an alternative Droid ROM that'll let people re-lock their device under a personal key. All the freedom of a proper OS (well, to an extent), with gazillions of apps that have no excuse to ask for root and a user base that is probably conditioned to be suspicious of anything that wants root. Yes, please.