Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Apple thanks Evad3rs team for discovering now-closed flaws

Apple thanks Evad3rs team for discovering now-closed flaws
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Mar 10, 2014, 09:15 PM
 
In a backhanded compliment, the security notes accompanying today's release of iOS 7.1 thank the jailbreaking hacker team known as Evad3rs -- known for their jailbreaking software, Evasi0n -- for finding several security flaws, which iOS 7.1 patches. Ironically, these discoveries are also what made the Evasi0n jailbreaking software work, and thus iOS 7.1 "breaks" the software and un-jailbreaks any iOS devices using Evasi0n.

While jailbreaking is not illegal, Apple frowns on the practice for a variety of reasons. Jailbreaking software -- which simply allows an iOS device to run software from outside the official App Store, as well as allows customized system modifications ranging from new themes to experimental features -- relies on security flaws in iOS to inject new code containing the customizations. The same flaws could be exploited for malicious purposes, which is why Apple is understandably keen to patch them as quickly as possible after they become known.

A second reason is that jailbreaking also allows users to pirate iOS software, which hurts the developer community as well as Apple, and again opens up a channel for the spread of malware. Finally, jailbreaking code often introduces stability and speed penalties that diminish the overall experience and cause problems, sometimes resulting in issues so severe users must seek help from Apple technicians in order to fix the problems. The Evasi0n software has been popular with jailbreakers for its well-put-together installation packages and swift updates to take advantage of the latest versions of iOS 7.

According to the security release notes, Apple has added fixes in the 7.1 update to address flaws found by individual researchers, corporate security specialists, and even rivals like Google. The patches cover issues found in Backup, the Certificate Trust Policy, Configuration Profiles, CoreCapture, Crash Reporting, dyld, FaceTime, ImageIO, IOKit HID Event, the iTunes Store, the kernel, Office Viewer, Photos Backend, Profiles, Safari, Settings, SpringBoard, SpringBoard Lock Screen, the TelephonyUI Framework, USB Host, the video driver, and WebKit.
     
Junior Member
Join Date: Mar 2008
Status: Offline
Reply With Quote
Mar 10, 2014, 10:22 PM
 
Evad3rs is rightfully thanked for uncovering security flaws in iOS 7. Who else would find these flaws?

By correcting these security flaws, Apple keeps iOS the most secure, virus-free, trojan-free, malware-free operating system in the world.

This allows Apple's customers to buy apps freely and safely, encouraging mass purchases of apps. Developers everywhere benefit from the safe ecosystem that Apple has created.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 03:02 AM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2