Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iPhone How Secure is a Jailbroken iPhone 4S

M. Malone

M. Malone

macrumors 6502a
Original poster
Mar 11, 2004
677
2
Hello,

So basically I do lots of traveling and the Caller ID in iOS 5 doesn't work in many countries I visit (thank you Apple for the nice step backwards from iOS 4).

I never liked Jailbreaking because of concerns for security. Right now I want to Jailbreak solely to download "Caller-ID Format Fix" and then never use Cydia again.

Here is a link to the App info I want to download:

Link

Also would be nice if I can just implement this fix without having to install Cydia.

Thank you,
 
There is no way to modify your phone unless you jailbreak it first. No matter what you want to do to it, you're going to have to jailbreak.

Not too sure as far as security goes but I don't think it opens it up in any way unless you install a tweak through cydia that changes that.
 
you can't install Cydia without jailbreaking. If you are concerned and worried I advice you read up on jailbreaking in general http://en.wikipedia.org/wiki/IOS_jailbreaking for starters if you are still worried simply don't jailbreak.. BTW security flaws in IOS is how most exploits work.. ;) Dev-team and Comex among others have discovered many security flaws in stock IOS. ;)
 
labman said:
you can't install Cydia without jailbreaking. If you are concerned and worried I advice you read up on jailbreaking in general http://en.wikipedia.org/wiki/IOS_jailbreaking for starters if you are still worried simply don't jailbreak.. BTW security flaws in IOS is how most exploits work.. ;) Dev-team and Comex among others have discovered many security flaws in stock IOS. ;)
Click to expand...

thank god!

a jailbroken phone is just as secure if you know what your doing, like labman stated...read up on it to get the best out of it.
 
rick snagwell said:
thank god!

a jailbroken phone is just as secure if you know what your doing, like labman stated...read up on it to get the best out of it.
Click to expand...

+1

If you are going to install cracked/hacked stuff then there's a chance that it's not secure. Otherwise, it's just the same as stock.
 
Thanks everyone.

So taking my case specifically. if all I did was jailbreak then install the caller ID fix, am I as secure as stock? Because other than getting the caller ID fixed I really have no other interest in the Jailbreak.

Thanks again :)

----------
The General said:
What do you mean by "secure"?
Click to expand...

For example I want to run icloud on the iPhone. Having personal info flowing from my iPhone to icloud regularly.

Also I do banking on the iPhone. My concern is if this info can be accessed after a jailbreak is made.
 
Ask yourself this:

How do you know what the jailbreak did? How do you know it didn't install malware on your phone, in addition to jail breaking it for you?


I'm not saying it did, but the fact is, you don't really KNOW for sure what the jailbreak did.

Entrusting sensitive information to a jailbroken phone is not really prudent.
 
There aren't all that many jailbreaks. Don't you think we would have heard about it if they did anything malicious?
 
Just change your root and mobile passwords from default and don't install SSH, then you're fine.
 
I heard about stock doing malicous things, like saving locations etc.

As long as you change your default password after the jailbreak its as secure as stock.
 
wellok said:
There aren't all that many jailbreaks. Don't you think we would have heard about it if they did anything malicious?
Click to expand...


Maybe. Maybe it hasn't been discovered yet. Maybe there's a time bomb in the jailbreak used? Who knows? Have you looked at the source? There's also nothing to say that jailbreak X that is non malicious today won't be trojan-ed the next time you download if to upgrade to iOS 5.1, 5.2, etc.

All i'm saying is that YOU DON'T KNOW for sure. If you need to keep your data safe this is something to consider.


There's a difference between uploading your location to apple, and a third party jailbreak author harvesting credit card info, for example.

Plus, if apple does something dodgy, there's the option of a class action lawsuit. Jailbroken phone? Haha, good luck.
 
In regards to being secure I found this out today. I just installed AssistantLove. Basically it allows one to launch apps via Siri.

I found that it will launch said apps from a locked phone. Upon closing app or pressing the home button your have full access to an unlocked device.
 
The issue of security regarding Jailbroken vs non-JB phones is less of an issue than you might suspect. The single biggest, if any, security issue is about the quality of the apps you might be installing via Cydia (or any other repository) that you might find outside the normal App Store.

At first glance a novice might think "oh yeah, I don't like installing apps that hasn't been checked by Apple", think about what kind of information your iPhone is already revealing without your approval, like Path and Hipster.

http://nakedsecurity.sophos.com/201...and-leak-sensitive-data-without-notification/

Most of the major issues I've seen are when iTunes accounts are hacked which affects ALL iPhones both JB or not, etc.

If you're the paranoid type that wants to monitor all outgoing traffic your apps might be transmitting without your notice, you could give the Cydia App "Firewall IP" a try. It can be annoying when it keeps prompting for your approval when an app tries to connect to a host (and it does reveal the host it's trying to connect to). You can allow once, deny or allow always as some computer firewall programs do.
 
Hyper-X said:
If you're the paranoid type that wants to monitor all outgoing traffic your apps might be transmitting without your notice, you could give the Cydia App "Firewall IP" a try. It can be annoying when it keeps prompting for your approval when an app tries to connect to a host (and it does reveal the host it's trying to connect to). You can allow once, deny or allow always as some computer firewall programs do.
Click to expand...

I might jailbreak and get that! Sounds just like Little Snitch, which I'm very happy with on my Mac :)
 
throAU said:
Maybe. Maybe it hasn't been discovered yet. Maybe there's a time bomb in the jailbreak used? Who knows? Have you looked at the source? There's also nothing to say that jailbreak X that is non malicious today won't be trojan-ed the next time you download if to upgrade to iOS 5.1, 5.2, etc.

All i'm saying is that YOU DON'T KNOW for sure. If you need to keep your data safe this is something to consider.


There's a difference between uploading your location to apple, and a third party jailbreak author harvesting credit card info, for example.

Plus, if apple does something dodgy, there's the option of a class action lawsuit. Jailbroken phone? Haha, good luck.
Click to expand...

If it wasn't for the jailbreak scene stock apple would be open malware, like @0xcharlie proved with his nice little appstore app....

Nothing is 100% secure, just take normal precautions, if you cant handle that maybe a cave is better....
 
I'm not claiming that non-jailbroken is 100% secure. However, you do have legal recourse, and the apps ARE vetted.

Jail breaking is additional risk. It is up to the individual to evaluate that and make a choice.
 
throAU said:
I'm not claiming that non-jailbroken is 100% secure. However, you do have legal recourse, and the apps ARE vetted.

Jail breaking is additional risk. It is up to the individual to evaluate that and make a choice.
Click to expand...

It's not suddenly legal to hack someone's phone just because it's jailbroken :rolleyes:
 
0dev said:
Just change your root and mobile passwords from default and don't install SSH, then you're fine.
Click to expand...

I don't see how you are going to change these passwords without first installing openssh. The mobileterminal on Cydia doesn't run on 5.0.1 firmware. Don't know about 5.0. Do you know of some other way to do this?
 
hackthatphone said:
I don't see how you are going to change these passwords without first installing openssh. The mobileterminal on Cydia doesn't run on 5.0.1 firmware. Don't know about 5.0. Do you know of some other way to do this?
Click to expand...

I was thinking of MobileTerminal, didn't know that it was incompatible with iOS 5.0.1. Just gotta wait for it to be updated or just install OpenSSH to change the passwords then uninstall it right after I guess.
 
I would think the best method of securing your phone is not to install openssh at all. Then you won't have to worry about those two accounts being accessible on your phone. Root and mobile access shouldn't even exist until you install openssh.
 
hackthatphone said:
I would think the best method of securing your phone is not to install openssh at all. Then you won't have to worry about those two accounts being accessible on your phone. Root and mobile access shouldn't even exist until you install openssh.
Click to expand...

That's the best advice! Thanks.

I just want the Caller ID Format Fix and nothing else from Cydia
 
Don't get me wrong, you can still install openssh. Just make sure you change the default passwords for root and mobile using a terminal session from your mac. If you forget these passwords, then you are forced to restore the phone to get back into the accounts.
 
hackthatphone said:
Don't get me wrong, you can still install openssh. Just make sure you change the default passwords for root and mobile using a terminal session from your mac. If you forget these passwords, then you are forced to restore the phone to get back into the accounts.
Click to expand...

afterwards you can uninstall openssh again
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back