Apple Slices Jailbreak Detection API From iOS 4.2 - InformationWeek
IoT
IoT
Mobile
Commentary
12/13/2010
09:03 AM
Eric Zeman
Eric Zeman
Commentary
50%
50%

Apple Slices Jailbreak Detection API From iOS 4.2

The latest update to Apple's iPhone software and developer tools removes a security feature that was put there just six months ago.

Apple has used its constant software updates to push back against those who jailbreak their iPhones. It June, it added a host of enterprise features to iOS 4.0, including a new API that could be used to detect when an iPhone was jailbroken. The API was made available mostly for security reasons, as it allowed third-party device management companies such as Sybase to help its own customers secure their corporate data.

When Apple introduced iOS 4.2.1 in November, the API was removed.

Speaking to NetworkWorld, Joe Owen, vice president of engineering at Sybase, said, "We used it when it was available, but as an adjunct. I'm not sure what motivated their removing that....I've not had anyone [at enterprise customer sites] talk to me about this API being present or being removed." Sybase provides businesses with a mobile device management platform called Afaria.

The API worked by asking the operating system of it had been compromised. In order to jailbreak an iPhone, the software tools that do it make a number of changes to the operating system. The API could be used to examine a set of these vital system files to see if they'd been changed.

"It's an interesting concept -- asking the OS to tell you if it has been compromised," Owen said to NetworkWorld. "Because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised."

Companies such as Sybase had developed their own tools to detect jailbreaks, but the jailbreak detection API made it a lot easier by giving enterprise device management developers direct access to the necessary parts of the operating system.

Once a jailbreak was detected, businesses using software such as Sybase's Afaria could employ a number of resources, such as clamming up the phone, disabling it, sending alerts to IT and so on. The threat, of course, is that jailbroken iPhones are more susceptible to malware.

Apple declined to comment on why the API was removed.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll