Linked by Thom Holwerda on Mon 9th Nov 2009 23:39 UTC
Apple The web went aflame today with headlines like "First iPhone worm discovered", and many other variants. Most of those headlines, however, left out a very important little fact which diminishes the impact of the news considerably: it only affects jailbroken iPhones with SSH installed, and with default root passwords.
Thread beginning with comment 394163
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[6]: Smart and dumb?
by broch on Wed 11th Nov 2009 23:49 UTC in reply to "RE[5]: Smart and dumb?"
broch
Member since:
2006-05-04

[quote]A non-jailbroken iPhone sandboxes apps and definitely does not give root access to them. It also code-signs all installed apps.[/quote]
you must be dreaming assuming nice theory with sad reality (number of security issues with iPhone is qute amazing)

what would be a point to jailbreak blackberry?

find similar security problems with blackberry (and tons more that are marketing signature of iPhone e.g. clear text passwords to encrypt device and so on)

iPhone is nice but jailbroken or not this is not secure device
and this is more recent nasty story:
http://blog.intego.com/2009/11/11/intego-security-memo-hacker-tool-...

Reply Parent Score: 1

RE[7]: Smart and dumb?
by Chicken Blood on Thu 12th Nov 2009 19:34 in reply to "RE[6]: Smart and dumb?"
Chicken Blood Member since:
2005-12-21

[quote]A non-jailbroken iPhone sandboxes apps and definitely does not give root access to them. It also code-signs all installed apps.[/quote]
you must be dreaming assuming nice theory with sad reality (number of security issues with iPhone is qute amazing)


No I'm not "dreaming assuming nice theory with sad reality" (whatever that means). I'm setting you straight on your claim that the iPhone does not codesign or sandbox its apps. I said nothing about any other possible iPhone security issues.

what would be a point to jailbreak blackberry?


Oh I don't know. To run SSH on it maybe, like was done on the iPhone in the subject of this article?

Reply Parent Score: 2

RE[8]: Smart and dumb?
by broch on Thu 12th Nov 2009 20:44 in reply to "RE[7]: Smart and dumb?"
broch Member since:
2006-05-04

No you are not setting anything straight. It is quite easy to escape iPhone sandboxing. SMS runs on iPhone not sandboxed. Maybe check Miller's reports about "security" of sandboxed iPhone (crashing whole OS). The only real thing Apple "sandboxing" does is keep users from not buying apps from Apple store and extract maximum revenue.
What is funny is that Apple wants to patent crippling (ehmm sandboxing) cellphone devices (http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d...)

iPhone is not safe device, never was. If Apple was smart they will open iPhone apps to keep users happy and eliminate jailbreak problems.


I don't need jailbroke blackberry to run (safely) SSH.

Reply Parent Score: 1