- Mobile Security Tutorial
- Mobile Security - Home
- Mobile Security - Introduction
- Mobile Security - Attack Vectors
- App Stores & Issues
- Mobile Security - Mobile Spam
- Mobile Security - Android OS
- Mobile Security - Android Rooting
- Mobile Security - Android Devices
- Mobile Security - Android Tools
- Mobile Security - Apple iOS
- iOS Device Tracking Tools
- Windows Phone OS
- Mobile Security - BlackBerry OS
- Mobile Security - BlackBerry Devices
- Mobile Security - MDM Solution
- SMS Phishing Countermeasures
- Mobile Security - Protection Tools
- Mobile Security - Pen Testing
- Mobile Security Useful Resources
- Mobile Security - Quick Guide
- Mobile Security - Useful Resources
- Mobile Security - Discussion
Mobile Security - Apple iOS
iOS is Apple mobile's operating system established for its iPhones. It maintains and sustains other Apple devices such as iPod Touch, iPad, and Apple TV. Using the Mac OS X, the iOS operating system is fabricated.
The user interface is based on the concept of direct manipulation, using multi-touch gestures. This has many other options and features using which daily work becomes easy and this can be updated on your iPhone, iPad, or iPod Touch using Wi-Fi and other wireless networks.
Jailbreaking iOS
Jailbreaking is taking control of the iOS operating system that is used on Apple devices, in simple words the symmetry of Rooting in Android devices. It removes the device from the dependencies on exclusive Apple source applications and allows the user to use third-party apps unavailable at the official app store.
It is accomplished by installing a modified set of kernel patches that allows you to run third-party applications not signed by the OS vendor. It is used to add more functionality to standard Apple gadgets. It can also provide root access to the operating system and permits download of third-party applications, themes, extensions, etc. This removes sandbox restrictions, which enables malicious apps to access restricted mobile resources and information.
Jailbreaking, like rooting, also has some security risks to your device −
- Voids your phone's warranty
- Poor performance
- Bricking the device
- Malware infection
Types of Jailbreaking
When the device starts booting, it loads Apple's own iOS, and to install apps from third parties, the device must then be broken and have the kernel patched each time it is turned on. There are three types of jailbreaking methods used.
iBoot Exploit
An iBoot jailbreak allows the file system and iboot level access. This type of exploit can be semi-tethered if the device has a new boot-rom. This is mostly used to reduce low-level iOS controls. This exploit method takes the help of the hole in the iBoot to delink the code signing appliance and then the customer can download the required applications. Using this method, the users configure the mobile to accept custom firmware and probably jailbreak more.
Userland Exploit
A userland jailbreak allows user-level access but doesn't allow iboot-level access. This type of exploit cannot be tethered as it cannot have recovery mode loops. These can be patched by Apple. The userland exploits use a loophole in the system application to gain control of that application. The exploit can only give control to the filesystem. This type of exploit can access non-vital code in the application and is user friendly and platform independent.
Bootrom Exploit
A bootrom jailbreak can break all the low-level authentications such as providing filesystem, iBoot, and NOR access (custom boot logos). This process finds a hole in the application to discard the signature checks. It can't be corrected by Apple. A bootrom jailbreak allows user-level access and iBoot-level access. These cannot be patched by Apple.
Jailbreaking Techniques
There are two types of Jailbreaking techniques.
Untethered Jailbreaking
Untethered jailbreak is a technique of rebooting the mobile device without connecting it to the system every time it is booted. If the battery of the device is spoiled, after changing it boots as usual. Tools for this are PwnageTool, Greenpois0n, Sn0wbreeze, and Limera1n.
Tethered Jailbreaking
If the device starts backing up on its own, it will no longer have a patched kernel, and it may get stuck in a partially started state. In order for it to start completely and with a patched kernel, it essentially must be "re-jailbroken" with a computer (using the "boot tethered" feature of a jailbreaking tool) each time it is turned on.
App Platform for Jailbroken Devices: Cydia
Cydia is a jailbreaking device which can be downloaded from https://cydia.saurik.com/. It helps iOS users to install other third party applications. Cydia has different extensions, themes, features, and customizations.
It is a graphical front-end to Advanced Packaging Tool (APT) with the dpkg package management system, which means that the packages available in Cydia are provided by a decentralized system of repositories (also called sources) that list these packages.
Jailbreaking Tools
Some other jailbreaking tools are as follows −
Pangu
Team Pangu consists of several senior security researchers and focuses on mobile security research. It is known for the multiple releases of jailbreak tools for iOS 7 and iOS 8 in 2014.Team Pangu proactively shares knowledge with the community and presents the latest research at well-known security conferences including BlackHat, CanSecWest, and Ruxcon. It can be downloaded from http://en.pangu.io/
Redsn0w
Redsn0w can be downloaded from http://blog.iphone-dev.org/ and it runs on different firmware versions.
evasi0n7 and GeekSn0w
evasi0n7 as a jailbreaking tool is compatible with all iPhone, iPod touch, iPad and iPad mini models running iOS 7.0 through 7.0.6 (Devices that have been updated Over The Air [OTA] should be restored with iTunes first). Its official webpage is http://evasi0n.com/
GeekSn0w is a popular iOS 7.1.2 jailbreak utility that's built upon winocm's opensn0w project and Geohot's limera1n exploit. GeekSn0w can jailbreak all iPhone 4 models on Apple's latest public firmware, iOS 7.1.2. Its official webpage is http://geeksn0w.it/
Sn0wbreeze and PwnageTool
Sn0wBreeze is a jailbreaking tool that has existed since the iOS 3 firmware generation and has continued to be maintained by its developer iH8Sn0w. Its official webpage is http://www.ih8sn0w.com/
PwnageTool can be downloaded from http://blog.iphone-dev.org/ and it runs on different firmware versions.
Limera1n and Blackra1n
Limera1n can be downloaded from http://limera1n.com/
Blackra1n is geohot's iPhone jailbreak solution. It can be downloaded from http://blackra1n.com/
