We reported on the return of the browser-based jailbreakme.com yesterday. Today security firm F-Secure revealed just how the site works.
The jailbreak relies on a PDF exploit against iOS. Charlie Miller of Independent Security Evaluators tweeted, "Starting to get a handle on jailbreakme.com exploit. Very beautiful work. Scary how it totally defeats Apple's security architecture."
The site serves a PDF from one of its subdirectories, and the device loads it because Mobile Safari renders PDFs itself. That file carries a malformed font; parsing the font trips a bug in the Compact Font Format (CFF) handler, and rather than merely crashing the renderer, the jailbreak uses that bug to run its own code on the device.
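To see what "a corrupted font inside a PDF" means in practice, here is a small triage script, added here as an illustration and not part of the original article or of the jailbreak itself. It pulls every CFF font stream out of a PDF (PDF embeds CFF as a /FontFile3 stream with /Subtype /Type1C), walks the font's leading INDEX structures, and reports offsets or sizes that violate the CFF specification. The sample PDFs, the object number 5, and the support for raw and FlateDecode streams only are all assumptions made for the example; the malformed sample is a constructed structural error, not the font used by jailbreakme.com.

```python
import re
import struct
import zlib

# A CFF font in a PDF lives in a /FontFile3 stream whose /Subtype is /Type1C.
STREAM_RE = re.compile(rb"(\d+)\s+0\s+obj\s*<<(.*?)>>\s*stream\r?\n", re.DOTALL)


def extract_cff_fonts(pdf):
    """Return [(object_number, cff_bytes)] for every /Type1C font stream in the PDF.
    Assumption: streams are raw or FlateDecode; any other filter is skipped."""
    fonts = []
    for m in STREAM_RE.finditer(pdf):
        dictionary = m.group(2)
        if b"/Type1C" not in dictionary:
            continue
        length = re.search(rb"/Length\s+(\d+)", dictionary)
        if not length:
            continue
        data = pdf[m.end():m.end() + int(length.group(1))]
        if b"/FlateDecode" in dictionary:
            try:
                data = zlib.decompress(data)
            except zlib.error:
                continue
        elif b"/Filter" in dictionary:
            continue
        fonts.append((int(m.group(1)), data))
    return fonts


def read_index(data, pos):
    """Parse one CFF INDEX (count, offSize, offsets, data) starting at pos.
    Returns (items, position after the INDEX, list of structural problems)."""
    if pos + 2 > len(data):
        return [], pos, ["count field truncated"]
    count = struct.unpack(">H", data[pos:pos + 2])[0]
    pos += 2
    if count == 0:                      # an empty INDEX is just the 2-byte count
        return [], pos, []
    if pos >= len(data):
        return [], pos, ["offSize field truncated"]
    off_size = data[pos]
    pos += 1
    if not 1 <= off_size <= 4:
        return [], pos, ["offSize %d outside 1..4" % off_size]
    offsets = []
    for _ in range(count + 1):
        chunk = data[pos:pos + off_size]
        if len(chunk) < off_size:
            return [], pos, ["offset array truncated"]
        offsets.append(int.from_bytes(chunk, "big"))
        pos += off_size
    problems = []
    if offsets[0] != 1:
        problems.append("first offset is %d, not 1" % offsets[0])
    if any(b < a for a, b in zip(offsets, offsets[1:])):
        problems.append("offsets are not monotonically increasing")
    base = pos - 1                      # offsets are 1-based from the byte before the data
    end = base + offsets[-1]
    if end > len(data):
        problems.append("INDEX data runs past end of font")
    if problems:
        return [], end, problems
    return [data[base + a:base + b] for a, b in zip(offsets, offsets[1:])], end, []


def triage_cff(cff):
    """Walk the fixed leading structures of a CFF font and report anything malformed."""
    if len(cff) < 4 or cff[0] != 1:
        return ["header missing or not CFF major version 1"]
    findings = []
    pos = cff[2]                        # hdrSize: where the Name INDEX begins
    for name in ("Name", "Top DICT", "String", "Global Subr"):
        _, pos, problems = read_index(cff, pos)
        findings += ["%s INDEX: %s" % (name, p) for p in problems]
        if problems:                    # later positions are meaningless once an INDEX is broken
            break
    return findings


def scan_pdf(pdf):
    """Return [(object_number, findings)] for each embedded CFF font in the PDF."""
    return [(num, triage_cff(cff)) for num, cff in extract_cff_fonts(pdf)]


# ---- constructed sample input (assumed for the example, not a real exploit file) ----
def build_index(items):
    if not items:
        return b"\x00\x00"
    offsets = [1]
    for item in items:
        offsets.append(offsets[-1] + len(item))
    out = struct.pack(">H", len(items)) + b"\x01"   # offSize 1 suffices for tiny data
    return out + b"".join(o.to_bytes(1, "big") for o in offsets) + b"".join(items)


def build_cff(name_index):
    header = b"\x01\x00\x04\x01"                   # major 1, minor 0, hdrSize 4, offSize 1
    top_dict = build_index([b"\x8b\x0f"])          # one Top DICT entry: charset (op 15) = 0
    return header + name_index + top_dict + build_index([]) + build_index([])


GOOD_CFF = build_cff(build_index([b"Test"]))
# Same font, but the Name INDEX claims its data ends 200 bytes into a 24-byte font.
BAD_CFF = build_cff(b"\x00\x01\x01\x01\xc8" + b"Test")


def build_pdf(cff, compress=False):
    body = zlib.compress(cff) if compress else cff
    filt = b" /Filter /FlateDecode" if compress else b""
    obj = (b"5 0 obj\n<< /Subtype /Type1C /Length %d%s >>\nstream\n" % (len(body), filt)
           + body + b"\nendstream\nendobj\n")
    return b"%PDF-1.4\n" + obj + b"%%EOF\n"
```

Running `scan_pdf(build_pdf(GOOD_CFF))` yields an empty finding list for object 5, while `scan_pdf(build_pdf(BAD_CFF, compress=True))` reports the Name INDEX running past the end of the font. The check is deliberately structural: a font written to exploit a parser bug can be perfectly well-formed at this level, with the trigger buried in the charstrings, so a clean result is a triage signal, not a verdict.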
iPhone Dev Team member chpwn told us today, "There are other (public) exploits in Safari, including some on Apple's website that are fixed in desktop Safari but not iOS. Therefore, the JailbreakMe exploit isn't really a big deal for security."
And even if it is, there are apparently other ways into the system. Comex, author of the exploit, tweeted yesterday, "Maybe I'll rely on USB-based stuff for the next jailbreak so that Apple won't patch it so fast."