toggle

AAPL Stock: 93.94 ( -0.49 )

Printed from http://www.macnn.com

Apple thanks Evad3rs team for discovering now-closed flaws

updated 09:00 pm EDT, Mon March 10, 2014

Ironically patches loopholes that allowed Evasi0n jailbreak to work

In a backhanded compliment, the security notes accompanying today's release of iOS 7.1 thank the jailbreaking hacker team known as Evad3rs -- known for their jailbreaking software, Evasi0n -- for finding several security flaws, which iOS 7.1 patches. Ironically, these discoveries are also what made the Evasi0n jailbreaking software work, and thus iOS 7.1 "breaks" the software and un-jailbreaks any iOS devices using Evasi0n.

While jailbreaking is not illegal, Apple frowns on the practice for a variety of reasons. Jailbreaking software -- which simply allows an iOS device to run software from outside the official App Store, as well as allows customized system modifications ranging from new themes to experimental features -- relies on security flaws in iOS to inject new code containing the customizations. The same flaws could be exploited for malicious purposes, which is why Apple is understandably keen to patch them as quickly as possible after they become known.

A second reason is that jailbreaking also allows users to pirate iOS software, which hurts the developer community as well as Apple, and again opens up a channel for the spread of malware. Finally, jailbreaking code often introduces stability and speed penalties that diminish the overall experience and cause problems, sometimes resulting in issues so severe users must seek help from Apple technicians in order to fix the problems. The Evasi0n software has been popular with jailbreakers for its well-put-together installation packages and swift updates to take advantage of the latest versions of iOS 7.

According to the security release notes, Apple has added fixes in the 7.1 update to address flaws found by individual researchers, corporate security specialists, and even rivals like Google. The patches cover issues found in Backup, the Certificate Trust Policy, Configuration Profiles, CoreCapture, Crash Reporting, dyld, FaceTime, ImageIO, IOKit HID Event, the iTunes Store, the kernel, Office Viewer, Photos Backend, Profiles, Safari, Settings, SpringBoard, SpringBoard Lock Screen, the TelephonyUI Framework, USB Host, the video driver, and WebKit.




by MacNN Staff

toggle

Comments

  1. James Katt

    Fresh-Faced Recruit

    Joined: 03-02-08

    Evad3rs is rightfully thanked for uncovering security flaws in iOS 7. Who else would find these flaws?

    By correcting these security flaws, Apple keeps iOS the most secure, virus-free, trojan-free, malware-free operating system in the world.

    This allows Apple's customers to buy apps freely and safely, encouraging mass purchases of apps. Developers everywhere benefit from the safe ecosystem that Apple has created.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Patriot Aero Wireless Mobile Drive

Regardless of how large a tablet you buy, you always want more space. There's always one more movie or another album you'd cram on, ...

Patriot Fuel+ 6000 and 9000mAh batteries

Mobile device batteries are better than they used to be, but there's always a scenario where users could use more juice. Upgrade manu ...

toggle

Most Commented