Jailbreak iPhone, iPod Touch, iPad

There is a big a security hole in iPhone iOS. The device is insecure in a big and obvious way. You should be extremely careful of what sites you visit.

The FlateDecode vulnerability can be used when a PDF File is embedded within a Web page. Basically Safari tries to parse the PDF. And when it does it executes some code. Hackers can use this exploit to read and write iPhone data, get your contacts, sms, even delete something. So they can get all kinds to access your personal information stored on your iOS device.

Apple will fix it some day. Until then you need to take care of your iPhone security. There is a fix for that. It is available via Cydia for jailbroken devices. So you need to jailbreak in order to secure (funny isn’t it?).

Will Strafach has released the fix as a Cydia-based package called “PDF Loading Warner.” Simply download and install the package. Every time Mobile Safari attempts to download and parse a PDF you will get the following message:

Now you can control, where to accept PDF (as not all of them are made by hackers) and where to select cancel.

Recently Vupen, which is a French security firm, posted an advisory that contained information about two critical security vulnerabilities in Apple’s iOS. After a while hacker comex used these flaws to create a jailbreak, which is now widely known and available on JailbreakMe.com.

But according to Reuters, yesterday Apple decided to react and its spokeswoman Natalie Harrison revealed that the company is currently investigating Vupen’s advisory. So it looks like these exploits are going to be fixed soon!

Jailbreaking an iPhone 4 is easy. Jailbreaking at an Apple retail store is fun. One of the users did that and captured everything on video. Take a look at the video:

FaceTime feature gives users the possibility to make  voice calls. Apple restricted this feature to Wi-Fi only. Today it became possible to use it over 3G!

Setup Instructions:

1. Jailbreak your iPhone 4 via www.jailbreakme.com.
2. Download and upgrade to the latest Cydia package.
3. Open Cydia, Go to Manage then Sources.
4. Click Sources, Edit then add: http://apt.modmyi.com
5. Search for “My3G” — download, and install it. It costs $2.79. My3G makes Apps believe that they are on WiFi instead of 3G.
6. Go through the Rock setup process with a username and password. Open My3G and leave all settings on the default.
7. FaceTime should now work over 3G! — Make sure to “Forget” the WiFi network you are on (via iOS settings) if you want to test it.

We haven’t seen any difference between the 3G FaceTime call and a WiFi FaceTime call. The quality is very good.

Here’s a video demo:

Here’s an interesting video from MuscleNerd, who jailbreaks an iPad using JailBreakMe in a plane (over New Mexico via “Gogo Inflight Internet” wifi). Nice!!

Many users reported that the first version of JailbreakMe broke the FaceTime and MMS features. The DevTeam fixed the bug.

New JailbreakMe users should simply proceed normally. The new version will not remove FaceTime or MMS from the iPhone.

Users who already installed JailbreakMe can get an easy fix. They should simply run Cydia and upgrade to the latest software.

Here is the quick 1 minute video of JailBreakMe working on an iPhone 4:

Here is the video of recently released universal safari jailbreak called JailBreakMe working on an iPhone 3G:

Starting today every owner of iPad, iPhone or iPod can easily jailbreak his device via browser on http://jailbreakme.com/

The site was created in a week after decision of the Library of Congress (that operates the Copyright Office), which states that jailbreaking isn’t illegal, though Apple claims it actually represents a threat to the stability and security of the company’s devices. Apple also says that jailbreaking voids the warranty, but such an action can be easily undone by resetting a device to the default factory settings.

Site JailbreakMe.com easily became a trending topic in Twitter after its announcement on RedmondPie.com. The jailbreak itself was created by hacker comex, and the website was done by chpwn and westbaer.

MuscleNerd tweeted today that the recent redsn0w utility is able to jailbreak the iOS 4.1 beta2 on iPhone 3G and iPod Touch 2G. This is useful for developers only, however good news for everyone.

Here’s some info from the DevTeam wiki page:

If you’ve updated to 4.1beta2 on iPhone3G or iPod2G(non-MC), you can use this redsn0w from June to jailbreak. Just point it at the 4.0 IPSW (the public one, not the developer GM one).

(Yes – point it at the 4.0 IPSW even though you’re at 4.1beta2).

Don’t do this if you need the ultrasn0w carrier unlock!!

Note 1: This won’t hacktivate your iPhone3G – but for those with legit access to the 4.1beta2 this shouldn’t matter. Please don’t pirate Apple software

Note 2: If you’re at 4.1beta2 you’ll probably experience network problems after jailbreaking. Until a new version of redsn0w is released, you may need to rely on afc2 access (such as FunBox-like file browser programs) to manipulate your filesystem.

Note 3: This is recommended only for power users who can deal with the problems that will pop up as the JB apps fall further behind the beta firmwares.