JailBreakMe Exploits PDF Security Loophole to Jailbreak iPhone

If you have been following iPhone 4 jailbreak news, you already know about JailBreakMe. How did JailBreakMe hack (or jailbreak) the iPhone? It uses a security flaw on the iPhone to do it. According to reports, the security loophole is in the fonts of PDF files.

That means a hacker can add malicious code to a font, and when you open a PDF that uses this font, the code can get onto your iPhone and carry out destructive actions such as deleting files and installing programs.

From Gizmodo,

How it works

It just requires the user to visit a web address using Safari. The web site can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.

You might think that as long as you don’t open PDF files, you are safe. Technically, you are correct. However, some clever hackers will disguise PDF files as ordinary websites. Once you go to the URL, the PDF file opens automatically.

Ironically, it seems that Cydia has a temporary solution. Getting Cydia means you need to jailbreak your iPhone. From Cydia, you will need to install the “PDF Loading Warner” software so that every time a URL wants to open a PDF file, it warns you.
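One way a warning tool of the kind described above could decide when to alert, as an added example (not the code of PDF Loading Warner or of any source cited here). It runs under Node.js; the function names and sample responses are hypothetical and constructed, and it assumes readers accept the `%PDF-` header anywhere in the first 1024 bytes.

```javascript
// Added example: decide whether a fetched response is a PDF and should
// trigger a warning, without trusting the URL. Names are hypothetical.
const PDF_MAGIC = Buffer.from('%PDF-');

// Heuristic: count font-descriptor keys that point at an embedded font
// program (/FontFile, /FontFile2, /FontFile3). Fonts stored inside
// compressed object streams are not visible to this raw scan.
function countFontPrograms(body) {
  const hits = body.toString('latin1').match(/\/FontFile[23]?\b/g);
  return hits ? hits.length : 0;
}

function inspectResponse({ url, contentType = '', body = Buffer.alloc(0) }) {
  const reasons = [];
  // Signal 1: the server declares a PDF (ignore parameters and case).
  const mime = contentType.split(';')[0].trim().toLowerCase();
  if (mime === 'application/pdf') reasons.push('content-type');
  // Signal 2: the PDF header appears near the start of the body
  // (assumption: viewers tolerate leading bytes within the first 1024).
  if (body.subarray(0, 1024).indexOf(PDF_MAGIC) !== -1) reasons.push('magic');

  let path = '';
  try { path = new URL(url).pathname.toLowerCase(); } catch { /* malformed URL */ }
  const warn = reasons.length > 0;
  return {
    warn,
    // A PDF served from a URL that does not look like one.
    disguised: warn && !path.endsWith('.pdf'),
    reasons,
    embeddedFonts: warn ? countFontPrograms(body) : 0,
  };
}

// Constructed sample data: a minimal PDF fragment with one embedded font.
const samplePdf = Buffer.from(
  '%PDF-1.4\n1 0 obj\n<< /Type /FontDescriptor /FontName /Demo ' +
  '/FontFile3 2 0 R >>\nendobj\n', 'latin1');
const SAMPLES = [
  { url: 'http://example.test/wallpapers/', contentType: 'application/pdf', body: samplePdf },
  { url: 'http://example.test/manual.pdf', contentType: 'application/pdf', body: samplePdf },
  { url: 'http://example.test/download', contentType: 'application/octet-stream',
    body: Buffer.concat([Buffer.from('\n\n'), samplePdf]) },
  { url: 'http://example.test/index.html', contentType: 'text/html; charset=utf-8',
    body: Buffer.from('<html><body>hello</body></html>') },
];
for (const s of SAMPLES) console.log(s.url, inspectResponse(s));
```

The first and third samples are the case the paragraph above describes: the address gives no hint of a PDF, yet the response is one and carries an embedded font.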

Who is affected?

It seems that any iPhone, iPad or iPod Touch with iOS 3.1.2 and above is affected. Apple has yet to officially announce anything. Will keep everyone updated.

(source)
(source2)