The only iPhone virus ever to attack the general public was a trivial one that affected jailbreakers who installed OpenSSH (not installed by default) but left it at the default password. Despite JailbreakMe 2.0 being open sourced after an updated version of iOS was released, which would have made it relatively easy to modify the code into an attack, I didn't hear about any such modification except a proof of concept that showed up much later. ▻ There's always a first time, but I think there's a good chance the security impact of these vulnerabilities will remain theoretical. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. ▻ I did not create the vulnerabilities, only discover them. I am not sure myself what to think of this, but here are some facts: When I released JailbreakMe 2.0 last year, some media reports focused on the security implications of releasing an exploit for unpatched vulnerabilities.
0 kommentar(er)
