The long-awaited iPhone 4 jailbreak is finally here. In fact, it can be done by just visiting a website and clicking a link! HOORAY WE’RE ALL FREEEEEEEEEEE–
Step back from the Amazing Freedom Sauce and think about this:
This is your OS being rewritten with the click of a webpage link.
This is, hands down, the single biggest security hole in the history of Apple products. This is a blockbuster vulnerability, as bad or worse than anything in recent years for Windows – just click one link, and damn near any code can be executed on your phone, as root – you can, in every meaningful sense of the word, get pwned.
I have absolutely no doubt that iOS 4.1 will hold now until this gets repaired – 4.1 beta 3 just dropped and probably does something to fix this. One can only hope, anyway. The fact that this is being pitched as a heaven-sent means of liberating your phone, rather than the most embarrassing flaw in a shipping Apple product of the Steve II era, speaks volumes about how distorted are the sensibilities of the tech press. Gizmodo, for instance, was hailing the jailbreak two days before decrying the vulnerability, having apparently never considered that jailbreak-by-web-site might represent a serious breach of security.
The problem is, as soon as Apple fixes this bug, it’s probably going to break a lot of newly-jailbroken iPhones. And there will be people screaming about how Apple is out to screw jailbreakers and decrying the evils of the beast of Cupertino, who sincerely believe that trying to fix the OS equivalent of Pearl Harbor is less important than making sure that Billy L33t H4xx0r can still run Cydia on his iPhone, and that Apple is wrong to fix the former at the expense of the latter. These people should kill themselves at the first opportunity, for the sake of the human race. We have enough trouble with teatards without keeping script kiddies in the gene pool.