When Apple releases a major update like yesterday’s iOS 8.1.3, it’s usual for the company’s coders to fix (or, in other words, break) all known jailbreak exploits.
Not so surprisingly, the latest update is no different. It fixes several exploits that are necessary to run the iOS 8.1.2 jailbreak. But in a classy move, at least Apple gave a hat tip to the jailbreak team for calling their attention to the exploits.
As you might recall, Chinese jailbreaking team TaiG was responsible for the iOS 8.1.2 jailbreak.
Apple apparently took notice of their work, because on a support page for the new iOS 8.1.3, Cupertino calls out the TaiG Jailbreak Team by name for helping them fix the following bugs:
AppleFileConduit
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem
Description: A vulnerability existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks.
CVE-ID
CVE-2014-4480 : TaiG Jailbreak Team
dyld
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.
CVE-ID
CVE-2014-4455 : TaiG Jailbreak Team
IOHIDFamily
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A buffer overflow existed in IOHIDFamily. This issue was addressed through improved size validation.
CVE-ID
CVE-2014-4487 : TaiG Jailbreak Team
Kernel
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel
Description: The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection. This was addressed by disabling the mach_port_kobject interface in production configurations.
CVE-ID
CVE-2014-4496 : TaiG Jailbreak Team
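The dyld entry above names a class of check: validating segment sizes so that Mach-O segments cannot overlap. As an added illustration (not Apple's or TaiG's code, and not the actual dyld fix), here is a small validator for 64-bit little-endian Mach-O images that flags segment commands whose sizes wrap or whose address or file ranges overlap. The function names and the sample image are constructed for this example.

```python
import struct

MH_MAGIC_64, LC_SEGMENT_64 = 0xFEEDFACF, 0x19
HEADER = struct.Struct("<8I")            # mach_header_64, little-endian
SEGMENT = struct.Struct("<2I16s4Q4I")    # segment_command_64 (72 bytes)

def overlaps(a, alen, b, blen):
    """True if the non-empty ranges [a, a+alen) and [b, b+blen) intersect."""
    return alen > 0 and blen > 0 and a < b + blen and b < a + alen

def check_segments(data):
    """Return a list of findings; an empty list means the segments are consistent."""
    if len(data) < HEADER.size:
        return ["truncated header"]
    magic, _, _, _, ncmds, sizeofcmds, _, _ = HEADER.unpack_from(data, 0)
    if magic != MH_MAGIC_64 or sizeofcmds > len(data) - HEADER.size:
        return ["bad header"]
    findings, segs, off, end = [], [], HEADER.size, HEADER.size + sizeofcmds
    for _ in range(ncmds):
        if end - off < 8:
            return findings + ["load commands overrun sizeofcmds"]
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        is_seg = cmd == LC_SEGMENT_64
        if cmdsize < 8 or cmdsize > end - off or (is_seg and cmdsize < SEGMENT.size):
            return findings + ["bad cmdsize"]
        if is_seg:
            _, _, raw, vmaddr, vmsize, fileoff, filesize, *_ = SEGMENT.unpack_from(data, off)
            name = raw.rstrip(b"\0").decode("ascii", "replace")
            # Python ints do not wrap, so test the 64-bit limit explicitly.
            if vmaddr + vmsize > 2**64 or fileoff + filesize > len(data) or filesize > vmsize:
                findings.append(f"{name}: bad size")
            for other, ova, ovs, ofo, ofs in segs:
                if overlaps(vmaddr, vmsize, ova, ovs) or overlaps(fileoff, filesize, ofo, ofs):
                    findings.append(f"{name} overlaps {other}")
            segs.append((name, vmaddr, vmsize, fileoff, filesize))
        off += cmdsize
    return findings

def build_sample(vmaddr2):
    """Constructed 0x200-byte image: header, __TEXT, and a __DATA segment at vmaddr2."""
    seg = lambda name, vm, fo, prot: SEGMENT.pack(
        LC_SEGMENT_64, SEGMENT.size, name, vm, 0x1000, fo, 0x100, prot, prot, 0, 0)
    hdr = HEADER.pack(MH_MAGIC_64, 0, 0, 2, 2, 2 * SEGMENT.size, 0, 0)
    return (hdr + seg(b"__TEXT", 0x1000, 0, 5) + seg(b"__DATA", vmaddr2, 0x100, 3)).ljust(0x200, b"\0")

if __name__ == "__main__":
    print(check_segments(build_sample(0x2000)), check_segments(build_sample(0x1800)))
```

The 32-bit `LC_SEGMENT` form used by older devices is not handled here; the same range checks apply with 32-bit fields.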
With these exploits fixed, it’s only a matter of time before TaiG (or other teams) find new exploits to jailbreak. My guess is when Apple fixes those, they’ll be classy enough to credit the jailbreakers too.
Source: Apple
Via: iDownloadBlog
13 responses to “Apple stays classy about jailbreakers with iOS 8.1.3 patch notes”
I say, bravo Apple. They should absolutely be filling holes in iOS that can be used to gain control of your phone and get personal info. Yes, that group of hackers includes jailbreakers. What I don’t understand is why jailbreaking is even necessary. All the features people used to crave have been added as of iOS 8. If you want to hack apart your phone OS, buy an Android phone. That OS was made for hacking. If you want something that works well and never lags, keep the stock OS and use an iPhone.
Completely agree – I used to jailbreak and then unlock my iPhones. But once Apple began selling unlocked iPhones, I have never jailbroken my iPhones.
I still jailbreak. The main reason is for wifi hotspot. I still have unlimited data on VZW and I can’t do it until I jailbreak. There are other jailbreak tweaks that make things a bit easier depending on what may annoy someone.
However, I understand why you don’t jailbreak, but I’m glad it’s there. I have never been able to justify jailbreaking to someone who just likes their iPhone experience. So is it cool? Sure. Is it necessary? Absolutely not.
Because people want to. iOS will never be exactly the way people want it, and this allows people to tweak and fine-tune their iPhone to their liking, making it truly theirs. As well as the tethering ability without having to pay for it. It’s a win-win situation because you don’t lose your warranty and you get it as close to the way you really want it. That’s why.
If you don’t see a need for jailbreaking, then you’re simply unaware of all the latest tweaks that make the iPhone even more of a joy to use.
My experience exactly. I finally jailbroke my phone so I could use f.lux, then discovered cool tweaks like CleverPin and Adblock for iOS that have made my iPhone experience so much more pleasurable. Never going back!
They usually do this.
I think the intent was to rub it in their face and sarcastically “thank” them for the exploit find, not give them props for finding it.
My biggest need to jailbreak is simple: scalable icons and additional rows and columns. Why these mobile device OS developers insist on wasting so much screen real estate to provide huge icons is asinine. Android, Google, Samsung and Apple all do it. Icons need to be scalable up or down as an option IN the OS, regardless of jailbreaking or rooting.
Android IS Google, moron.
This is nothing new.
Jailbreaking is amazing: you get free music, movies, free apps, free in-app purchases, NFL games, MLB games, NBA games and UFC PPV events, all for freeeeeeeeee :P
One of THE main reasons to jailbreak is blocking ads on YouTube.