Facebook Plunges Again
Tumblr 101: Tips And Tricks To Get Started
How to protect your jailbroken iPhone from PDF exploits
A lot of people have just quickly and legally jailbroken their iPhones through JailbreakMe, but you might not know what's going on in the background when you slide to jailbreak. JailbreakMe takes advantage of a weakness in the way the iPhone handles PDFs, which makes it possible for any site that displays a PDF to run code on your phone. That's a good thing when the code is a jailbreak, but once your phone is jailbroken, you're still open to malicious code in PDFs.So, how do you protect yourself? Apple or the iPhone Dev Team (the people behind the jailbreak) will have to patch the PDF hole eventually, but for right now, the best you can do is to install a Cydia package called PDF Loading Warner, which displays a pop-up when your phone is about to open a PDF. It can't stop the exploit, but it can let you choose not to open a PDF that tries to load when you weren't expecting it.
We'll let you know when a real fix for this problem comes out, but for now, this seems like the way to go on a jailbroken phone.
Comments
5
Subscribe to commentsMark JonsonAug 4th 2010 11:48AM
The permanent fix is called Android, Blackberry, or Windows Mobile.
brhaysmacAug 4th 2010 1:28PM
This article doesn't make it clear that the PDF exploit affects ALL iPhones. The Dev Team isn't cleaning up a mess they created that only affects jailbroken phones, they're trying to close up the hole Apple left.
That means that until Apple releases an update, a jailbroken iPhone with this package (or the Dev Team's eventual fix) is more secure than a stock iPhone.
Tired_Aug 4th 2010 1:30PM
This also makes iBooks nearly impossible to use. If you have any PDFs in your iBooks library, the warning pops up twice on startup for every one you have, and must be dismissed individually for every one.
devonAug 6th 2010 2:15AM
Please get your facts right. How do you expect anyone to trust your blog when you write a sentence like this one...
>That's a good thing when the code is a jailbreak, but once your
>phone is jailbroken, you're still open to malicious code in PDFs.
Do you even know what it means to jailbreak an iPhone? If you did, you wouldn't be referring to a "jailbreak" when what is going on here is an exploit. Big difference!
You also wouldn't be recommending to iPhone users that the best way to avoid any PDF exploit is to first jailbreak their iPhone so they can install this Cydia package to display the msg about the PDF exploit!
Foxit CorporationAug 12th 2010 2:46AM
In its ongoing commitment of providing safer, faster and more stable PDF software tools, Foxit is taking a proactive measure in securing its 100 million PDF Reader users against the iPhone/iPad Jailbreaking application that utilizes malicious PDFs to hack the systems of unsuspecting users. Hackers are now trying to use these malicious PDF’s to access sensitive data on desktops. Foxit welcomes all PDF Reader users to download the latest version of the Foxit Reader 4.1.1 which addresses and resolves the issues related to the jailbreak hack.
To protect iPhone/iPad users from the jailbreak program that is being used to exploit iPhones in the way they handle PDFs, Foxit is preannouncing its soon to be submitted PDF Reader App for iPhone. Foxit believes that the upcoming release of its Foxit Reader for iPhone will provide a secure PDF reader for the iPhone. Foxit will be submitting this App within two weeks and it will have full PDF viewing capability. Just as with the Windows Reader, Foxit PDF Reader for iPhone will protect users against malicious PDFs.