After the release of iPhone OS 3.0, Apple fixed 46 security bugs. That gives you a hint of the amount of loop holes Apple has left in the operating system. Imagine the amount of harm it might have caused to the iPhone users without their knowledge. Recently, a finding by Charlie Miller (a famous veteran hacker and Analyst at Independent Security Evaluators) came into news. During a presentation at the SyScan security conference in Singapore, he explained that a vulnerability exists in the way iPhone handles SMS messages which makes it possible to send code instead of strictly text. This could leak any personal information of the iPhone users.
He also said:
“If you care about security, don’t use a jailbroken iPhone,”
As for the ones who don’t know, jailbreaking is the removal of protections that prevent a user from installing applications on an iPhone that have not been signed by Apple. According to Miller, it removes around 80 percent of the security protections built into the phone’s software, making it extremely vulnerable.
Once you jailbreak, your iPhone is outside of the Apple’s security control. There is no hindrance to the installation of malware (malicious software) on a jailbroken iPhone and that malware could damage or infiltrate the iPhone easily.
Miller says, for example, that the Cydia (repository of applications) application installer runs as root on the iPhone. Once the iPhone has jailbroken, any application can run as root and do whatever it wants. This is quite dangerous!
The primary risk on the iPhone is opening your device up to any application available on Cydia/Icy. iPhone’s will generally run applications that are digitally signed by Apple, which is not the case when jailbroken. So if you are even a little uncertain about any of your installations, there is a possibility that you can mess up things for real.
Lets wait and watch what steps does Apple take in order to rectify the problem.
Till then, a simple question:
Will you still jailbreak your iPhone now that you know it could harm you?