November 15, 2024
Security Consultant to Unveil New Jailbreak Process Next Week

Security Consultant to Unveil New Jailbreak Process Next Week

Posted December 10, 2010 at 2:45am by iClarified
Persian
Security consultant Stefan Esser is set to unveil a new jailbreak method and utility that fortifies iDevices with ASLR, according to the Register.

Esser will present his new jailbreak process at the Power of Community Security Conference on December 14 in Seoul, South Korea. A new tool called "Antid0te" will simplify the procedure.

ASLR makes your device more resistant to malware attacks by randomizing the memory locations where injected code is executed.


"When you jailbreak it, it breaks a lot of security of a normal iPhone," hacker Charlie Miller told The Reg. "With Stefan's stuff, now maybe it's an option, if you're a security-conscious person, to still jailbreak your phone because you can pick up ASLR, which is going to make it a lot harder to do exploits."

"This enables users with jailbroken iPhones to create their own set of dyld_shared_cache files that have completely different library load addresses from every other iPhone in the world," Esser wrote in an email. "This is already a better ASLR than what exists on Snow Leopard because different applications can use different shared caches and therefore different load addresses."

We'll keep you up to date with more information as it develops...

Read More



Security Consultant to Unveil New Jailbreak Process Next Week
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (6)
You must login or register to add a comment...
Jay Freeman (saurik)
Jay Freeman (saurik) - December 11, 2010 at 11:13pm
This has absolutely nothing to do with the jailbreak tool involved: creating and specifying the usage of dyld cache files does not require kernel patches or any accessto the system above and beyond a userland program. There is absolutely no reason why this "new process" isn't just a package you can download and install on your already jailbroken tool other than vanity. Charlie should be ashamed of himself for continuing to perpetuate this FUD.
Jay Freeman (saurik)
Jay Freeman (saurik) - December 11, 2010 at 11:22pm
"already jailbroken tool" -> "already jailbroken phone" Also, another commenter, not as a top-level comment but as a reply to another, has stated this isn't a jailbreak method at all, so this article may simply be misleading. (Regardless, I would love if Charlie explained how jailbreaking a phone opened up as many security issues as he likes to claim it does. From my understanding of the kernel patches involved and what is disabled, you aren't much better off than on a stock phone as far as exploits are concerned. Meanwhile, your ability to install security tools like this address space randomizer and your ability to patch outstanding exploits (Apple /still/ hasn't released a PDF security update for the original iPhone and never will: to be safe you /must/ jailbreak) mean that it should be pointed out that the reality is that jailbroken phones tend to be on the forefront of security.
curiositykilledthecat
curiositykilledthecat - December 10, 2010 at 5:04am
im no programming wiz but .... shouldnt you keep your cards closed so that apple wont try to patch up your exploit before its actual release?
Micked
Micked - December 10, 2010 at 6:22am
Nothing in the text says what he found and how he is going to do it.
hippoMan
hippoMan - December 11, 2010 at 12:57am
It just means that jailbroken iphones will become more secure than nonjailbroken phones... but if apple implements this in an update it could backfire and make the hunting for exploits even harder
mikael
mikael - December 11, 2010 at 9:24am
It sems that this is not a jailbreak tool but a package that you install after you have jailbroken your iphone that will make it more secure then a non jailbroekn iphone.
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sonoma
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS