The iPad 2 has just broken virgin territory by receiving its first ever jailbreak hack. Developers have used some unpatched vulnerabilities in Apple’s iOS to ‘jailbreak’ the flagship tablet from Cupertino’s favourite technology company.
Graham Culey, a senior technology consultant with UK Sophos said in his blog “If they exploited the same vulnerability in a copy-cat maneuver, cybercriminals could create booby-trapped webpages that could — if visited by an unsuspecting iPhone, iPod Touch or iPad owner — run code on visiting devices.”
He added “The site, jailbreakme.com, exploits a PDF vulnerability to run unauthorised code on Apple customers’ iPhones and iPads, including the new iPad 2. In this way they allow users to unlock their devices, and run programs that have not been approved by the official AppStore.
Usually jailbreaking requires users to connect their device to a computer before they can start to tamper with the set-up of their iPhone or iPad. Sites like JailBreakMe make the process much simpler.”
Apple need to patch this and quickly he says “All eyes now turn to Apple to see how quickly it can secure its users,” said Cluley. “Leaving a security hole like this open is simply inviting malicious hackers to exploit it.”
Comex, the guy in charge of the JailBreakMe website said “I did not create the vulnerabilities, only discover them. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run.”
Kitguru says: Possibly these reports are helping Apple long term, but it isn’t assuring the public that the devices are totally secure, especially in the wrong hands.