iPhone 4 Jailbroken Over The Web, Exposes Massive Security Hole

The new web based jailbreak for iOs4 and 3.2 has been released and worryingly its a web based exploit which uses a vulnerability in Apple's PDF handling to run the jailbreak code.

Now given just how far that jailbreaking delves into the inner workings of iOs4 that a pretty dangerous hole in the iPhone's security model. Anybody wanting to create an iPhone bot network or have your iPhone make premium rate calls while you sleep need only entice you to visit a website with the code embedded as a PDF file and they have control.

Hopefully Apple is working on a fix for this as we speak, until it arrives be very wary of the sort of sites that you visit on your iPhone.

0 comments: