How A Malicious Jailbreak Tweak Can Permanently Brick Your iPhone Or iPad
Running a jailbroken iPhone, iPad or iPod touch offers many well-documented advantages over stock software, namely the ability to alter the functionality and UX in ways that Apple would simply never permit. But it’s not all a bed of roses, of course. Jailbreaks are, after all, the result of developers finding and exploiting holes within the Apple platform, so while the plus points of running jailbroken vs. untouched software may be enticing, you may also be afflicted by nastiness that would otherwise not have reached you. Case in point: a new proof-of-concept tweak that is not only dangerous, but potentially fatal to your device in that, as per the author, it will brick your device irreversibly once installed.
Not all hackers or developers are malicious. In fact, we’d like to think, at least, that most experts on digital development and security are doing so with noble intentions. But when, as with jailbreaking, you’re talking about delving into the depths of the system files, it wouldn’t be too difficult for an unscrupulous individual to cause serious harm. While the developer behind the KilliOS proof-of-concept tweak doesn’t seem to have any inauspicious intentions, somebody else could repackage a code like this in a lesser known Cydia repo and infiltrate your iOS device, and if this did occur, your iPhone or iPad would take the dreaded title of ‘expensive doorstop.’
Created by developer arcticsn0w, the package messes with a device’s NVRAM (non-volatile RAM), and is based upon a bootcolor-changing tweak that was released by fellow developer dayt0n a short while back. While dayt0n’s effort isn’t dangerous per se, its dealings in meddling with NVRAM mean that it could be if altered or mishandled, and arcticsn0w has demonstrated this to be true.
Having initially put the tweak on his repo, he promptly removed it after some pressure from fellow Redditors, although the source code is up on GitHub for interested parties to gawk at.
So, with artics0w’s warning that KilliOS“permanently bricks” one’s device, how can we all steer clear of accidentally running into this unsavory bit of malicious code? As ever, we’d advise our readers to stick to trusted, respected sources in Cydia, and to take advantage of the many thousands of safe tweaks available (free and paid) through the default repositories.
Does this kind of news discourage you from jailbreaking? Or do you believe that having so many great tweaks far outweighs the risks of potential device-killers?
Share your thoughts and comments with us below!
Update: The developer of this proof of concept has contacted us to clear that his intention was not to allow developers to create packages with malicious intent. KilliOS is a proof of concept. It’s designed to say “Hey, a tweak can do this”. He released the source code so other developers could look at it and create a patch. A Redditor is already working on a patch, and has created a quick fix to prevent script kiddies to brick your device. KilliOS does *not* work with this patch yet, however he says he *could* make it work with some tiny changes.