Saturday, December 11, 2010

Shocking! Apple Removes Jailbreak API Detection !


Apple has just completely removed Jailbreak Detection API for iOS! It has been completely disabled or removed from iOS 4.2.1, as NetworkWorld reports. This is very shocking from Apple.

An API is a programming resource that developers can make use of that their software or operating system is functioning properly and that it isn't modified. Even though jailbreaks can still get through, it gets harder and harder to find exploits because Apple keeps patching them. For some shocking reason, Apple has removed the API. This is unrelated to Apple's preventive jailbreak measures. An API only detects if the system is modified.

It is very strange why Apple just decided to remove it, but according to Joe Owen, the VP of Sybase, he guesses that Apple has decided to end the cat and mouse game with jailbreakers.
It’s an interesting concept – asking the OS to tell you if it has been compromised, because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised. [I]t may be feasible to detect jailbreaks of a specific version or type, but they will still be trapped in the cat and mouse game they play with jailbreakers. Whatever they add [in the OS] to detect the jailbreak, if it is to be queried from the iOS kernel, it must be accessible and have the ability to be changed. Meaning, if it is going to be a useful detection method it can also be circumvented. It is a fairly intractable problem to solve 100%.
This isn't exactly a permanent victory for jailbreakers, since an API is just basically to protect users from malicious ones, but it's assumed that there could be extra exploits from the removal of the API. [via NetworkWorld]