

JohnInSJ
Premium
join:2003-09-22
San Jose, CA

reply to dellsweig

Re: [JB] How they did it - AWESOME

This Unix internals person cringed at
"it uses a Unix trick called a “shebang” that can summon up code from another, signed application. "

»en.wikipedia.org/wiki/Shebang_%28Unix%29

This isn't a "Unix trick". This is how shell files indicate what shell they need to interpret themselves. If THAT is the security hole in iOS, it's time to fire the security review team. Wow.

"Wang won’t say exactly how that AMFID-defeating part of the jailbreak works. “Apple can figure that one out for themselves,” he says." and then he goes on to explain how they defeated ASLR (which has been defeated many times) so, clearly, they're patching stuff in memory to defeat AMFID - not unlike the Surface RT hack that lets you run unsigned code on RT.

Nice hack. I'm convinced at this point Apple makes these things just hard enough to jailbreak to seem like it's an accomplishment, but not so hard as to be impossible. The exploits used here are actually fairly critical security holes in iOS, they have to have been left purposefully. If not, then as I said some people should be looking for new work.
--
My place : »www.schettino.us


dellsweig
Extreme Aerobatics
Premium,MVM
join:2003-12-10
Campbell Hall, NY
kudos:1

said by JohnInSJ:

This Unix internals person cringed at
"it uses a Unix trick called a “shebang” that can summon up code from another, signed application. "

»en.wikipedia.org/wiki/Shebang_%28Unix%29

This isn't a "Unix trick". This is how shell files indicate what shell they need to interpret themselves. If THAT is the security hole in iOS, it's time to fire the security review team. Wow.

"Wang won’t say exactly how that AMFID-defeating part of the jailbreak works. “Apple can figure that one out for themselves,” he says." and then he goes on to explain how they defeated ASLR (which has been defeated many times) so, clearly, they're patching stuff in memory to defeat AMFID - not unlike the Surface RT hack that lets you run unsigned code on RT.

Nice hack. I'm convinced at this point Apple makes these things just hard enough to jailbreak to seem like it's an accomplishment, but not so hard as to be impossible. The exploits used here are actually fairly critical security holes in iOS, they have to have been left purposefully. If not, then as I said some people should be looking for new work.

This UNIX internals person smiled ear to ear......
--
Nothin' left to do but smile smile smile


Miataman

join:2010-10-27
Chelmsford, MA

reply to JohnInSJ

said by JohnInSJ:

I'm convinced at this point Apple makes these things just hard enough to jailbreak to seem like it's an accomplishment, but not so hard as to be impossible.

I think of it as "Deep Marketing"
--
"My hat, my cane, Jeeves".


J E F F
Whatta Ya Think About Dat?
Premium
join:2004-04-01
Kitchener, ON
kudos:1

reply to JohnInSJ
Those security holes shouldn't be there. Doesn't matter, as long as we can jailbreak.


Saturday, 25-May 16:32:23 © 1999-2013 dslreports.com.