The Electronic Frontier Foundation wants to extend the legal protection for users who jailbreak their smartphones to video game consoles and other mobile devices.
The Electronic Frontier
Foundation believes jailbreaking and circumventing digital rights management on
mobile devices and video game consoles should be legal.
application to the U.S. Copyright Office
requests an exemption to the
Digital Millennium Copyright Act that would allow users to
"jailbreak" smart phones, tablets and video game consoles, the EFF
wrote Dec. 2. The exemptions would dispel "any legal clouds" that may
prevent users from running applications and operating systems not approved by
the manufacturer, according to the EFF.
Jailbreaking refers to the
process of removing the stock firmware on a hardware device and replacing it
with a different operating system. The team behind Jailbreak Me has released
tools for the iPhone and iPad for users interested in running unauthorized applications.
Steve Kondik developed
Cyanogen Mod, a home-brew Android that users can install on their rooted
devices. George Hotz, also known as Geohot, released a tool on how to jailbreak
the Playstation 3 to run Linux earlier this year. There is a thriving jailbreak
community around Microsoft's Xbox game system, and there is a service,
ChevronWP7 Labs, which allows users to install homebrew and jailbreak applications
on the Windows Phone OS. Microsoft even works with the Labs team to support the
"Rather than hurting
companies like Apple, the jailbreaking community often ends up helping them, as
Apple and other manufacturers later adopt many features they rejected at
first," Trevor Timm, an activist at the EFF, wrote on the EFF blog.
The EFF won an exemption in
2009 to protect users who want to jailbreak iPhones and other smartphones. The
"vibrant jailbreaking community" has "immeasurably improved
innovation, security and privacy in these devices," Timm wrote. The EFF
wants devices such as the iPad, e-readers and video game consoles to have the
"same benefits" those smartphone users have enjoyed for the past
three years, he said.
Fixes developed by the
jailbreaking community correct device and operating system security flaws
before the manufacturer gets around to fixing them. The Jailbreak Me team
identified a security flaw earlier this year in how the iPhone's
Web browser opened PDF files
. Until Apple got around to fixing the issue,
the protected users were the ones who had jailbroken iPhones and were able to
install the "unauthorized" patch released by the team.
The DigiNotar compromise was
another example of the jailbroken devices being protected first, according to
Timm. After reports emerged that DigiNotar
certificate authority was compromised
, major Web browser vendors updated
the desktop versions to revoke the root certificate. It took a while for the
vendors to revoke the certificates on mobile browsers, but users with
jailbroken devices were able to update the Web browsers manually to protect
themselves, Timm wrote.
The jailbreaking community
has "also been vital in securing users' privacy," Timm wrote. He gave
examples such as an iPhone application that hid text messages from appearing on
the front screen or a patch that prevented Apple
from logging location data
. An unauthorized application called LBE Privacy
Guard allows users to research and monitor sensitive data that may be
accessible to third-party applications. These "protective
applications" are only available to users who jailbreak their devices,
according to Timm.
"Going against the
wishes of your vendor can turn out to be quite the double-edged sword,"
Chester Wisniewski, senior security advisor at Sophos, wrote on the Naked
, noting that users with jailbroken devices would have an
easier time removing the Carrier IQ monitoring tool from their phones.
However, the jailbreak could
also expose users to malware and other security threats since the same security
flaw that allowed the jailbreak could be maliciously used to compromise the
device. The Ikee worm for the iOS was one such example since the jailbreak
exploit also enabled the Secure Shell (SSH) daemon on the phone to give
potential attackers remote access, Wisniewski said.
"Hack the world! Just
remember that you are on your own if you thumb your nose at the manufacturer of
your device," Wisniewski wrote.