How To Fix SSL Security Flaw In iOS 7 Without Updating To iOS 7.0.6
By now I am sure most of you will be aware of iOS 7.0.6 which was released by Apple only a few days ago to patch critical SSL connection verification vulnerability that can expose your device to man-in-the-middle attacks. All versions below 7.0.6 are affected by this bug.
Well known jailbreak dev Ryan Petrich has now released a new Cydia package called SSLPatch to fix the flaw found in iOS 6 and iOS 7.0-7.0.5 for those of you who are jailbroken on these older firmwares.
You can find SSLPatch on Petrich’s private repo. Start Cydia, navigate to Manage->Sources->Edit->Add and then enter http://rpetri.ch/repo as repo to be added. Once done, search for SSLPatch and install it.
It is important to note that while Petrich’s SSLPatch can protect your device from man-in-the-middle attack most of the time, it wont protect it ALL the time. It will not work in tweaks that run as root or when your device is in Safe Mode, and you will still be left vulnerable there. This is more of a stopgap solution than a complete fix found in 7.0.6 and so it is highly recommended you should still update to iOS 7.0.6 as soon as possible.
An untethered jailbreak for iOS 7.0.6 is already available in case you need it, and it supports all the devices. You can download iOS 7.0.6 from here, and then jailbreak iOS 7.0.6 using Evasi0n7 1.0.6.
Since the jailbreak is already available for 7.0.6, there is really no reason why you shouldn’t be updating. But if you are still feeling lazy enough, you should at minimum have SSLPatch installed on your device. Because some protection is better than no protection at all.
You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.