Though the ikee worm and other recent incidents have highlighted security risks facing users of jailbroken iPhones, the question remains: If you are using a jailbroken iPhone, just how insecure is it and what can you do about it?
iPhone security has been
front and center the past two weeks, with much of the focus falling on
and the discovery of a tool that allows attackers to steal data
from jailbroken phones, some have wondered whether jailbroken
are inherently insecure. But are they? The true answer to this
question is a mix between yes and no-but experts agreed they are clearly less
secure than standard iPhones.
"It's not necessarily
insecure, but it's certainly less secure as it breaks the entire security model
[created by Apple]," noted security researcher Charles Miller. "That said, if
you have a jailbroken iPhone without a standard password in sshd, I'm not aware
of any exploits against it at the moment."
Attempts to jailbreak the iPhone are nothing new, as users have continually
found ways around Apple's restrictions in order to install unauthorized
applications. Jailbreaking has become a pastime for groups like the iPhone Dev Team
, which early this
year published a list of tips focused largely on keeping jailbroken
at the DEFCON 17 conference in Las
In the case of
the ikee worm and the hacker tool mentioned above, the issue at hand
is jailbroken iPhones running SSH with a default password, something
security researchers have warned against for some time. While the worm doesn't
have much of an impact beyond changing the user's wallpaper to an image of
1980s pop singer Rick Astley, the tool allows attackers to swipe
off the device. Addressing both these threats, however, only
requires jailbreakers to change their password
Forrester Research analyst
Andrew Jaquith pointed out users don't need to install OpenSSH when they
jailbreak their iPhones. However, from the standpoint of potential risk, there
are other things that can affect users as well.
"But even though you don't
need to install OpenSSH, a lot of people do-it's listed as one of those 'must-have'
apps on several jailbreaking boards. ... Anything that adds a service that
listens on a network port adds to the attack surface. I've mentioned OpenSSH,
of course. But did you know that the Apache HTTPD Web server has been ported to
the iPhone and can be installed on jailbroken phones? That's the kind of thing
I'm talking about," he said.
For enterprises concerned
about managing the iPhone
, jailbreaking could pose an additional hurdle,
Jaquith said. For example, if a user has jailbroken his phone, he may be able
to modify it to bypass mandatory security policies like the phone-unlock PIN
code, he added.
But even if the jailbroken
devices are not inherently insecure, many analysts and researchers agree that
they are less secure than standard iPhones. Apple designed the iPhone with
layered defensive architecture, Miller explained, and jailbreaking the phone busts
through all those layers. The point of jailbreaking after all is to install
additional software, which by itself increases the attack surface, he said.
"It turns out, at least on older iPhones, that code signing is enforced
via memory protections so that turning off code signing turns off features of
DEP [data execution prevention] too-there goes [the iPhone's non-executable
memory]," Miller said. "Many of the apps, such as sshd, or even the
installer Cydia run as root with no sandbox, there goes [least privileges and
Gartner analyst John
Pescatore agreed, adding that jailbreaking can have unintended effects for
business users as well.
"Basically, a jailbroken
phone means the iPhone is about as secure as a Windows PC without any security
add-ons like personal firewall [or anti-virus]," he said. "iPhones are not
manageable by enterprises anyway-it is a consumer-grade product, with no
actually supported management tools. A jailbroken iPhone is even worse,
however. When iPhone software updates come out, pushing them onto a jailbroken
phone has unpredictable consequences-and the likelihood of a lot more support
calls. Plus, there's much higher likelihood that the user has diddled the user
interface and other things that can break ... legitimate business apps that may
have been in use."