Apple Slices Jailbreak Detection API From iOS 4.2

The latest update to Apple's iPhone software and developer tools removes a security feature that was put there just six months ago.

Eric Zeman, Contributor

December 13, 2010

2 Min Read

Apple has used its constant software updates to push back against those who jailbreak their iPhones. It June, it added a host of enterprise features to iOS 4.0, including a new API that could be used to detect when an iPhone was jailbroken. The API was made available mostly for security reasons, as it allowed third-party device management companies such as Sybase to help its own customers secure their corporate data.

When Apple introduced iOS 4.2.1 in November, the API was removed.

Speaking to NetworkWorld, Joe Owen, vice president of engineering at Sybase, said, "We used it when it was available, but as an adjunct. I'm not sure what motivated their removing that....I've not had anyone [at enterprise customer sites] talk to me about this API being present or being removed." Sybase provides businesses with a mobile device management platform called Afaria.

The API worked by asking the operating system of it had been compromised. In order to jailbreak an iPhone, the software tools that do it make a number of changes to the operating system. The API could be used to examine a set of these vital system files to see if they'd been changed.

"It's an interesting concept -- asking the OS to tell you if it has been compromised," Owen said to NetworkWorld. "Because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised."

Companies such as Sybase had developed their own tools to detect jailbreaks, but the jailbreak detection API made it a lot easier by giving enterprise device management developers direct access to the necessary parts of the operating system.

Once a jailbreak was detected, businesses using software such as Sybase's Afaria could employ a number of resources, such as clamming up the phone, disabling it, sending alerts to IT and so on. The threat, of course, is that jailbroken iPhones are more susceptible to malware.

Apple declined to comment on why the API was removed.

Read more about:

20102010

About the Author(s)

Eric Zeman

Eric Zeman

Contributor

Eric is a freelance writer for InformationWeek specializing in mobile technologies.

See more from Eric Zeman
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Bald eagles, eagle in flight.
Cyber Resilience
9 Ways CISOs Can Stay Ahead of Bad Actors9 Ways CISOs Can Stay Ahead of Bad Actors
byLisa Morgan
Jul 24, 2024
9 Slides
Binary code concept pattern and big data structure.Net and source code.Abstract background of technology, science and cloud computer.
Data Management
How Much Data Is Too Much for Organizations to Derive Value?How Much Data Is Too Much for Organizations to Derive Value?
byCarrie Pallardy
Jul 22, 2024
11 Min Read
CrowdStrike Holdings, Inc. logo is displayed on a smartphone screen.
Cyber Resilience
CrowdStrike Aftermath: Lessons Learned for Future RecoveryCrowdStrike Aftermath: Lessons Learned for Future Recovery
byJoao-Pierre S. Ruth
Jul 24, 2024
6 Min Read
Calculator displaying the text "SALARY" on top of $100 bills.
IT Leadership
2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI2024 InformationWeek US IT Salary Report
byInformationWeek Staff
Jun 4, 2024
1 Min Read
Digital Security and Threat of a System
IT Leadership
11 Ways Cybersecurity Threats are Evolving11 Ways Cybersecurity Threats are Evolving
byLisa Morgan
Jun 13, 2024
11 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports