Let it Ra1n, Let it Sn0w on my iPhone

Reading time ~2 minutes

Ok, I was suckered into something I said I wouldn't do: I actually jaikbroke and unlocked my iPhoneGeorge Hotz, a.k.a. geohot make it so easy with blackra1n. It was a super easy process to do, and if you do a restore, your iPhone is back to its Steve Jobs approved state.

For the most part, I don't want a jailbroken phone. However, Apple (or is it AT&T?) doesn't permit the iPhone to be unlocked in the United States. I don't need that often, but it is handy when I am traveling, which I have done quite a bit lately.

One other thing I can certainly use is the ability to tether, which AT&T still doesn't officially support. However the blacksn0w also enables the IPCC "hack" that allowed you to download a provisioning file that enables tethering (i.e. using your iPhone as a modem). That's also useful when traveling, particularly if there isn't an iPass-compatible WiFi hotspot nearby.

There's a part of me that feels uneasy about this. Geohot and others like him are finding and exploiting security vulnerabilities in the iPhone to inject code into the phone to make it do things Apple didn't want you to do. Whereas we usually hear about the "bad" results of security vulnerabilities--and these exploits could be seriously bad in the wrong hands--this actually gives the user more functionality.

Apple will, of course, study these jailbreak tools and find a way to close the security holes they take advantage of. Typical in the game of cat-and-mouse between vendor and hacker. Of course, if Apple had more customer-friendly policies related to unlocking the device and allowing installation of "unapproved" apps, this problem would mostly go away.

Apple could be using these "hackers" to make their phone as secure as possible. Once Apple believe the phones are invulnerable to these kinds of attacks, they could simply provide easy access to device unlock and allow people to install whatever apps they want. People get the functionality they want with a much more secure device to boot. Everyone wins.

That's just a crackpot theory, of course, and I'm probably wrong about it. I hope I'm not.

Ye Olde PhoneBoy FireWall-1 FAQ is Back…In A Manner of Speaking

Many of you probably remember the Check Point FireWall-1 FAQ I ran for many years. Many have told me it was their “go-to” source of infor...… Continue reading

How Long is Long Enough for a Password?

Published on February 27, 2017

Cloudflares with a Chance of Goatse

Published on February 24, 2017