JailbreakMe using PDF exploit to hack your iPhone, so could the baddies; Apple looking into reports
As with any jailbreak or rooting of a handset, "hacking" a phone OS is usually exactly that: exploiting a weakness to get unsigned code onto a device. That means that any other hacker, be they sufficiently nefarious, could use that same exploit to mess with your phone in the bad, not-installing-emulators-off-of-Cydia sense. Early iPhone jailbreaks (back when installing your own ringtones was a wild idea) took advantage of a TIFF exploit, the recent EVO 4G root found a hole in Flash Lite, and the JailbreakMe exploit is stuffing its code in a PDF font. Until Apple patches this exploit (when asked, Apple told us it was "aware of the reports and looking into them") we'd be extra careful about which PDFs we open -- there aren't any reports of malicious use so far, but with Safari's seamless handling of PDFs, it wouldn't be hard for some hacker to hide a potentially phone-invading PDF behind some harmless-looking hyperlink. The iPhone devteam points out that this isn't the only known exploit for Safari on iOS, so there's no need to start hyperventilating about this particular one... unless it's a slow day at your mainstream media publication and you're looking for something to hyperventilate about.
Oh, and are you looking for a surefire way to steer clear of PDFs? Cydia has a PDF loading warner that lets you skip PDFs your browser is trying to load on a case by case basis. Of course, you'll need to jailbreak your phone to use it. Ironic, right?

Very ironic.
@dcnoren
I know. Engadget is taking a page from Apple's book and showing how everyone else is also affected when an exploit shows up.
PDF files are just as bad as Flash! Apple, ban them!
@dcnoren
Crap. I didn't uncheck "E-Mail me when someone replies to this comment". My phone will be dinging all afternoon.
I can see the new mobile commercials coming out spoofing Apple's "I'm a Mac/ I'm a PC" ads with the whole virus/threat thing...
"But iPhone, there are THOUSANDS of PDFs on the internet!"
@barac
Uh, Adobe didn't write Apple's PDF reader for the iPhone. This is on Apple and Apple alone.
@dcnoren
I think it'd be irony if it were anybody but Apple. An exploit to stop an exploit just sounds about right nowadays
@dcnoren DIINNNGGG!!! just wanted to say hey lol
@barac
They probably will...
@dcnoren...which part, the Adobe related security flaw potentially hosing an Apple product, or...wait, that's the only part.
@dcnoren yeah i did the same thing and it was a pain in the ass
@dcnoren
Go to your user page and uncheck the box.
@BigJayDogg3
If you want to fix the email situation.
@BigJayDogg3
I love you
@dcnoren Oh, oh oh oh oh oh oh!!! It's Magic!
@CheeseSoda
Now what do you think folks at Apple would say?
@dcnoren what do you mean?
@dcnoren We're putting the 'ring' in RING-A-DING DING DING DING DONG
Time for Apple to arrange a press event explaining that they screwed up but that every other phone has a zero-day exploit and proceed to post videos on how to gain root on competing devices.
@ok old news again
Who gets what now? So by pointing out that this is possible somehow all jailbroken iphone owners are "owned" (seriously people still use that word.)
No sorry, by that logic owning a PC or a Mac or a Linux machine or anything that could potentially get viruses is also "owned".
Tell me, prick, are you pleased with your air of smug satisfaction or does it hurt when the more logical Engadget readers to break you.
@Simnol
* break you.
Smeg I can't even be bothered any more. :(
I weep.
@blokeyhighlander
that made my day
@ok old news again
95% ..no 99% of iphone users are non technical and SHOULD know better. 3 million sold 2.9 million hacked WOOHOOO!!
@rmbrown09
What do YOU mean is the real question.
@barac Apple wrote the PDF renderer, so Apple needs to ban its own software from the iPhone! Of course, if Apple allowed alternative browsers using their own rendering engines, and alternative PDF readers instead of their own ... people could have CHOICE and use different software to protect themselves. Now, people will have to wait with insecure phones until Apple figures its crap out. There are millions of potential victims at the mercy of Apple's ability to update its software timely, who then have to take their phone to their PCs to attach it to iTunes to get the update.
@dcnoren I did the same thing yesterday on the i3 iMac review...
New emails like crazy.
@TinWard
I personally would love to see that happen...
@Drew3739 So acc. to you engadget show only point out the vulnerability of iphone and leave aside android phones like evo4g when they suffer the same ??
@CheeseSoda Haw-haw!
@dcnoren Ding ding!
@barac That they're going to fix it like a good, aware company would do. No software is perfect, which is why there are things called 'patches'.
@hell hound The EVO 4G probably doesn't use Apple's PDF renderer, so I doubt it's vulnerable to the same exploit.
GOOOOOOOOOO DevTeam
@tai376 It's ironic because if you jailbreak your phone, there is a patch which will at least warn you when someone is trying this on your iDevice.
@tai376 Couldn't find foodfood. :(
"Of course, you'll need to jailbreak your phone to use it. Ironic, right?"
'woaaa dude you just blew my mind' - Keanu Reeves
So glad I jailbroke yesterday
OpenSSH
Blue Nove
MyFi
Select Carrier
Mobile Terminal
so much fun stuff
@rmbrown09
What is select carrier?
Lol: An Adobe product helps hacking an Apple product. Sort of.
@mschmidler "Do note that by default, there's no separate PDF viewer on an iPhone. Instead, PDF viewing is built into the Safari browser. The attack uses a corrupted font placed inside the PDF file to crash the Compact Font Format (CFF) handler."
NOT Adobe. Apple. As many have said, Apple will be shown to be no better than microsoft, if not a lot worse, as their devices become more popular.
up next - a whole slew of worms/spyware/viruses exploiting critical OS X vulnerabilities and still fanboys will claim OSX is safe and blame everyone else.
@ajwoodhouse
Actually, the .pdf format was created by Adobe. So it is an Adobe product.
@paul34 : But the exploit is by malformed input. Is Adobe supposed to supply a specification for malformed input files?
The exploit is on software that does not validate its inputs.
@paul34
But it's a Safari exploit.
How about this. We'll pin this one on Adobe if from now on whenever an exploit is found in Windows that isn't 100% Microsoft code, we'll remove all blame from Microsoft.
@paul34 That's like saying the group that invented C++ is responsible for any virus/malware produced with their language. The writers of the .pdf reader (Apple) are responsible for how their software reads pdfs.
Who cares! Jailbreak! Woo hoo!!!!
@ajwoodhouse
I thought iBooks was the dedicated PDF viewer. When I open a PDF on my iPhone it opens in iBooks.
@angelusp
I don't think you grasp the situation. Jailbreaking isn't the problem here, the exploit used to gain enough access to the phone to jailbreak it is, because it also allows an attacker to, instead of jailbreaking your phone, do whatever else they want instead. For example, to wipe your phone and install just one program that shows you photos of dicks. Get it now?
@angelusp did you read the article?
@ajwoodhouse,
This font rendering security hole in PDF renderer was known to Apple.
http://support.apple.com/kb/HT4131
Apple has already patched it in OSX a few months ago, and the fix was arriving to iOS, as part of 4.1 release. In fact, it's already in the 4.1 beta releases that were made in the last few weeks.
It was simple for comex to simply look up the security patch fix list for OSX, and see one which is also present in the iOS and use it, to get it working for releases prior to 4.1, which would have had the fix. He knew it he had it, as jailbreakme.com does not support 4.1 beta.
However, what Apple should have done is to release the fix to iOS as well via 4.1 and 4.0.2, before publishing the fix on its website for the world to know.
@grkhetan was known to apple, or Charlie Miller said something like "Apple your shit is busted. Again"