Apple iOS 4.3.4 software update may fix iPhone hole, block PDF jailbreak and the hole can also be used for some not-so-noble efforts, like grabbing your contacts database, accessing saved passwords, or activating your iPad or iPhone’s built-in camera. Apple warned all users to avoid opening PDF docs from untrusted sources and JailbreakMe includes a patch for the very hole that allows it to function in the first place, so if you’re terrified that rogue PDFs will take over your devices…………
Browser-based JailbreakMe 3.0 was just released this week and it can handle the long-awaited untethered jailbreak of the iPad 2. The official jailbreak release follows an “Oops!” moment this weekend, when it was accidentally leaked. But since its official release just a couple of short days ago, the JailbreakMe.com site has been visited more than a million times, says project contributor Grant Paul (aka @chpwn on Twitter). Basically, all jailbreak hopefuls need to do is go to JailbreakMe.com via mobile Safari and tap a single button to witness Cydia get installed on their homescreens. Of course, just because this is so simple a caveman could do it doesn’t mean there aren’t pitfalls. (In other words, if you attempt this, you do so at your own risk.) In particular, this PDF-based exploit (courtesy of the infamous hacker Comex) has underscored a pretty serious security vulnerability within iOS. Well, it’s enough to attract attention from the German government, i.e. Germany’s Federal Office for Information Security (BSI). The department sent out an alert yesterday about this, shining a spotlight on the security hole.
And that’s the strange twist to this story. In this case, it turns out that jailbroken devices could actually be more protected than pristine handsets. Apple has known about this for a while, has come out and announced that it is addressing it this time in the next iOS 4.3.4 update. If it’s successful, JailbreakMe obviously won’t work with this software version. If you do jailbreak using this or by any other means, then know that PDFs aren’t the only way malevolent attackers can hack your device. So right after you install PDF Patch 2, then for goodness sake, please change your default root password. pple claimed jailbreaking was illegal back in 2009, but the U.S. Copyright office ruled in mid-2010 that bypassing a manufacturer’s protection measures to run lawfully obtained software applications and users wishing to jailbreak their iOS device should be aware of all the implications associated with it and have a secure backup should anything go wrong.