If you have the slightest interest in jailbreaking iOS devices, then I’m sure you’ve heard of Comex, the genius behind JailbreakMe 3.0 and an eminent member of the jailbreaking community. Despite keeping any personal details about his private life a secret since he began cracking Apple’s gadgets, Comex reveals his real name, his age, and what he’s up to in his first interview.
After digging through Facebook, Twitter and the Brown Directory, Forbes managed to track Comex (@c0mex) down for an interview. His real name is Nicholas Allegra, he’s 19 and he lives with his parents in Chappaqua, New York. He’s been on leave from Brown University since last winter, looking for an internship, and in his spare time he likes to find exploits in Apple’s seemingly secure iOS source code — which he says isn’t difficult:
“It feels like editing an English paper. You just go through and look for errors. I don’t know why I seem to be so effective at it.”
Comex has been behind the last two JailbreakMe exploits — a tool which hacks an iOS device through its mobile Safari web browser in seconds without the need for a computer. A tool so popular that in the 24 hours that followed the launch of its third iteration in July, over one million people took advantage of the hack.
Charlie Miller is a former network exploitation analyst for the National Security Agency, and the first person to successfully hack one of Apple’s iPhones back in 2007. He told Forbes how impressed he was with Comex’ work:
“I didn’t think anyone would be able to do what he’s done for years. Now it’s been done by some kid we had never even heard of. He’s totally blown me away.”
Despite Apple’s growing list of attempts to kill the hacks developed by Comex, he remains a thorn in the side of the Cupertino company. What’s most impressive is that his work has been compared to that of Stuxnet:
Dino Dai Zovi, co-author of the Mac Hacker’s Handbook, says JailbreakMe’s sophistication is on par with that of Stuxnet, a worm thought to have been designed by the Israeli or U.S. government to infect Iran’s nuclear facilities. He compares Allegra’s skills to the state-sponsored intruders that plague corporations and governments, what the cybersecurity industry calls “advanced-persistent threat” hackers: “He’s probably five years ahead of them,” says Dai Zovi.
It’s no surprise, however, that Comex — who calls himself an Apple fanboy and regards Android devices as “the enemy” — knows his stuff. He taught himself the Visual Basic programming language by the time he was 9.
“By the time I took a computer science class in high school, I already knew everything.”
Despite his love for the iPhone, Comex is concerned about its flaws. It seems the device may not be as secure as many of us believe it to be:
Allegra admits that technically, there’s little difference between jailbreaking phones and hacking them for more malicious ends. “It’s scary,” he says. “I use the same phone as everyone else, and it’s totally insecure.”
Comex’ ability to seek out vulnerabilities in Apple’s iOS source code makes me wonder whether that internship he’s looking should be at the Cupertino camp.
The full interview with Forbes is fascinating, and I encourage you to go and read it if you have any interest in Comex and the jailbreaking scene.