Jailbreak "detection" API now gone from iOS 4.2
Posted: Mon Dec 13, 2010 3:03 amJailbreak "detection" API now gone from iOS 4.2
Apple has apparently dropped access to a jailbreak detection API first added to iOS 4.0 this past summer. Third-party developers of mobile device management software told Network World that the API no longer works in iOS 4.2.1, though Apple never warned that it was being deprecated.
Word of a jailbreak detection API appearing in iOS 4.0, combined with the publication of a patent application for disabling an iPhone when an "unauthorized user" is detected, originally stirred fears that Apple might be looking to automatically disable iPhones that were jailbroken. However, such a move would run counter to a Copyright Office ruling that jailbraking was essentially a legal activity.
In fact, the detection API was introduced along with a series of APIs designed to improve device management for enterprise deployment. MDM software vendors such as Sybase already used their own methods for detection jailbreaks, since jailbroken devices can represent a significant security risk. Apple's own API offered a simplified way to merely ask the system if it was jailbroken and get a yes/no response.
Jailbreaking an iPhone or other iOS device removes the built-in security features in order to run non-App Store software, use the device on other mobile networks (also known as "unlocking"), or customize the user interface. But removing those security features also make iPhones more vulnerable to malware and data theft. An individual could decide the added functionality is worth the risk, but corporations have legal obligation to secure certain kinds of information, and otherwise have reason to secure mobile devices from hacking attempts.
Sybase suggested that Apple may have dropped the API because jailbreakers could modify the system to disguise the fact that it had been compromised. "We used [Apple's API] when it was available, but as an adjunct" to our own detection methods, Joe Owen, vice president of engineering at Sybase, told Network World. "Because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised."
MDM vendors told Network World that they will continue to use their own jailbreak detection methods since their customers still need to detect jailbroken devices and secure them as necessary.
"Ultimately, a business has a right to protect its proprietary and sensitive information, even if that information resides on a personal device belonging to the end user," explained Intrepidus Group's Jeremy Allen in a recent blog post about securing various mobile platforms. "If a user desires to consume business resources and store sensitive information using their phone, then the business has a right to implement reasonable safeguards to protect the data and resources."
Apple has apparently dropped access to a jailbreak detection API first added to iOS 4.0 this past summer. Third-party developers of mobile device management software told Network World that the API no longer works in iOS 4.2.1, though Apple never warned that it was being deprecated.
Word of a jailbreak detection API appearing in iOS 4.0, combined with the publication of a patent application for disabling an iPhone when an "unauthorized user" is detected, originally stirred fears that Apple might be looking to automatically disable iPhones that were jailbroken. However, such a move would run counter to a Copyright Office ruling that jailbraking was essentially a legal activity.
- jail_prison_ars.jpg (23.1 KiB) Viewed 2983 times
In fact, the detection API was introduced along with a series of APIs designed to improve device management for enterprise deployment. MDM software vendors such as Sybase already used their own methods for detection jailbreaks, since jailbroken devices can represent a significant security risk. Apple's own API offered a simplified way to merely ask the system if it was jailbroken and get a yes/no response.
Jailbreaking an iPhone or other iOS device removes the built-in security features in order to run non-App Store software, use the device on other mobile networks (also known as "unlocking"), or customize the user interface. But removing those security features also make iPhones more vulnerable to malware and data theft. An individual could decide the added functionality is worth the risk, but corporations have legal obligation to secure certain kinds of information, and otherwise have reason to secure mobile devices from hacking attempts.
Sybase suggested that Apple may have dropped the API because jailbreakers could modify the system to disguise the fact that it had been compromised. "We used [Apple's API] when it was available, but as an adjunct" to our own detection methods, Joe Owen, vice president of engineering at Sybase, told Network World. "Because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised."
MDM vendors told Network World that they will continue to use their own jailbreak detection methods since their customers still need to detect jailbroken devices and secure them as necessary.
"Ultimately, a business has a right to protect its proprietary and sensitive information, even if that information resides on a personal device belonging to the end user," explained Intrepidus Group's Jeremy Allen in a recent blog post about securing various mobile platforms. "If a user desires to consume business resources and store sensitive information using their phone, then the business has a right to implement reasonable safeguards to protect the data and resources."
