Posted by: Chris Barylick
Date: Monday, December 13th, 2010, 04:07
Category: iPhone, News, Software
This is a bit weird but maybe it makes sense in the long run.
Per Network World, less than six months after introducing it, Apple has quietly disabled its jailbreak detection API (Application Programming Interface) through the iOS 4.2 software update, according to a new report.
The publication reported that the API, which was released in June as part of a mobile device management (MDM) bundle for iOS 4.0, has been disabled in iOS 4.2, leaving perplexed vendors to question why. The API had previously allowed third-party MDM applications, such as AirWatch or Sybase’s Afaria, to check for unauthorized modifications to the system files, author John Cox wrote.
Third-party MDM vendors had created their own utilities to check for jailbreaks, but Apple’s jailbreak detection API granted MDM applications direct access to iOS system information.
“We used it when it was available, but as an adjunct,” said Sybase vice president of engineering Joe Owen. “I’m not sure what motivated their removing that….I’ve not had anyone [at enterprise customer sites] talk to me about this API being present or being removed.”
Though jailbreaking an Apple device voids its warranty, the U.S. government recently legalized the process through a handful of exemptions to preexisting laws forbidding it.
Since the release of iOS, Apple has gone back and forth with the jailbreaking community, both sides working to one up each other with each new update. As vulnerabilities are discovered and exploited by the hacking community, Apple rushes to patch the issues, while hackers secretly move on to the next flaw.
In August, hackers released a high publicity browser-based jailbreak for the iPhone 4 that drew attention to a glaring security flaw that could have exposed users to malicious software just by visiting website.
As hackers became aware of the jailbreak detection API, they may have begun circumventing it, adding another layer to the tug-of-war between jailbreakers and Apple.
“Whatever [Apple] adds [in the OS] to detect the jailbreak, if it is to be queried from the iOS kernel, it must be accessible and have the ability to be changed,” security consultant Jeremy Allen told Cox. “Meaning, if it is going to be a useful detection method it can also be circumvented. It is a fairly intractable problem to solve 100%.”
The use of jailbreaking to pirate App Store software has been a major concern for Apple and developers. Also at stake is Apple’s relationship with carriers, who often sell iPhones locked to their networks. In the U.S., for instance, the iPhone is only available through AT&T, though Verizon is expected to begin selling the iPhone early next year. Users looking to use their locked iPhones on other carriers often jailbreak and unlock their handsets.
Stay tuned for additional details as they become available.