PSA: A jailbreak tweak can permanently brick your iPhone or iPad

Jailbreak iPhone
As jailbreaking iOS devices has gotten easier over the years, the likelihood of bricking them in the process has reduced. But don’t think your device is safe once jailbreaking is complete. One developer has discovered an exploit that can brick iPhones and iPads permanently.
Redditor arcticsn0w has created a proof-of-concept tweak called KilliOS that, once installed, prevents your iOS device from ever booting up again. It’s irreversible, so if it happens to make its way onto your iPhone or iPad, there is no going back.
What’s worrying is that the exploit is based on a recent bootcolor-changing jailbreak tweak from dayt0n that alters a device’s VRAM. While arcticsn0w doesn’t intend to break devices with his code, he has made it available to prove how dangerous it can be.
“It is an empty package which messes with nvram values in the postinst script, and then forces a reboot,” arcticsn0w explains in his original Reddit post. “Installing this package will instantly kill your device.”
KilliOS is supposed to serve as a warning to jailbreakers; it is meant to demonstrate that unknown tweaks from untrusted sources could quite easily render your iPhone or iPad completely unusable. If you don’t always use safe repos, then, this should be an eye-opener for you.
RedmondPie reports that arcticsn0w never intended for KilliOS to be malicious, but rather to prove what malicious code can do. He did make it available to download via his own repo initially, but he quickly pulled it and made the source code available via GitHub instead.
The hope is that other developers will be able to use that source code to create a patch that can prevent KilliOS and similar packages from doing permanent damage to iOS devices. One Redditor has already created a “quick fix” that will prevent certain scripts from bricking your device, but it doesn’t yet block KilliOS.
Jailbreaking doesn’t have to be unsafe; if you stick to trusted repositories — those provided by default in Cydia — you shouldn’t have to worry about malicious code like this. But if you add untrusted repos manually and download unrecognized packages, you’re asking for trouble.
[via RedmondPie]

Comments

Post a Comment

Popular posts from this blog

How to watch WWDC keynote live on Mac, iPhone, iPad, Apple TV, Windows, Linux and Android

Image
As you know, Apple’s annual Worldwide Developers Conference kicks off today with a State of the Union-like keynote address. WWDC is the most important event for the Apple community as it gives a sneak peak at how the firm plans to woo app developers in the year. The 26th summer event runs from June 8 through June 12 at San Francisco’s Moscone West, where CEO Tim Cook will share the stage Monday morning along with other company executives to deliver latest advances concerning iOS, OS X and Watch OS platforms. Apple will be providing a live stream through the Apple Events webpage on its website, using the new familiar weblog-like layout. Although the official live stream is limited to Mac, iPhone, iPod touch, iPad and Apple TV devices, you can enjoy it on other platforms, too. Without further ado, here’s a quick tutorial on what you’ll need to watch the keynote live on both Apple devices and non-Apple platforms like Windows, Linux and Android. When does WWDC keynote sta
Read more