Feeds

Hackers release jailbreak for iPad and newer iPhones

'Spirit' points way to userland

SANS - Survey on application security programs

Hackers have once again wrested a measure of control from Apple's iron-fisted grasp of iPads and newer iPhones with the release of jailbreaking software that allows hundreds of unapproved apps to be installed on the devices.

The package, called Spirit, was released over the weekend for devices running firmware versions 3.1.2, 3.1.3, and 3.2, which until now weren't easily freed from Steve Jobs' Howard-Hughesian control. The software allows users to customize homescreen images, tether the devices to a PC so they can be used as a modem and do other things that Apple considers verboten. It also allows users to install third-party apps from unapproved repositories such as Cydia and RockYourPhone.

Spirit works only on iPhones that have been activated and are already running an unmodified version of recent firmware. Devices that have been jailbroken by another program should be restored to 3.1.2, but users should ensure SHSH blobs have been backed up, the authors stress. It provides no support for unlocking carriers, so users will still be stuck with current mobile provider after running the software.

The untethered jailbreak allows devices to remain unlocked even after they are rebooted or plugged in to a computer. It exploits a vulnerability in the heavily locked-down "userland" section of a device, something the authors said hasn't been achieved since the early days of the iPhone. Spirit is available on both Mac OS X and Windows.

By most all accounts, installation is seamless, although the software authors report some errors for Windows users and say they can be overcome by setting the compatibility mode in Spirit to Windows 98 or 95.

They also warn that some of the apps offered by Cydia are "not designed for iPad, [and] might screw up your system and require you to restore." Step-by-step installation instructions from ReadWriteWeb are available here. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Reg man builds smart home rig, gains SUPREME CONTROL of DOMAIN – Pics
LightwaveRF and Arduino: Bright ideas for dim DIYers
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Apple patent LOCKS drivers out of their OWN PHONES
I'm sorry Dave, I'm afraid I can't let you text that
Microsoft signs Motorola to Android patent pact – no, not THAT Motorola
The part that Google never got will play ball with Redmond
Slip your finger in this ring and unlock your backdoor, phone, etc
Take a look at this new NFC jewellery – why, what were you thinking of?
Happy 25th birthday, Game Boy!
Monochrome handset ushered in modern mobile gaming era
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.