Wednesday 4 August 2010

Jailbreaking can make your iDevice more secure, despite Apple briefing us to the contrary.

Since the Library of Congress have declared jailbreaking, rooting etc. legal (which we knew it was all along, but nice to have it announced officially), the mainstream media have taken a sudden interest in the latest iDevice jailbreak. This, on the whole is A Good Thing, as it demonstrates to a wider audience that you can own an Apple iDevice without being ridiculously restricted in terms of how you use it. However, one tidbit of info that keeps being thrown about is that jailbreaking makes your device less secure. To quote the Guardian:

  • So why, after paying a small fortune for one of Apple's devices, would you void your warranty and jailbreak? Well, partly because in most cases the handset can be easily and quickly returned to its non-jailbroken state, and partly because doing so can fundamentally transform your using of it. Of course, when you have taken the plunge your device is significantly less insulated from malicious "worms" previously weeded out by Apple. It's your call – but what do the readers think?
The bit I've bolded is the questionable bit - what exactly do they mean by that? Do they think that jailbreaking creates extra security holes? Do they think that Apple regularly fixes security weaknesses over the air? Or that jailbroken devices are excommunicated from Apple and therefore won't be updateable in the future? If a serious security flaw appeared that could only be fixed by an Apple Software update, there is nothing (short of relying on having an unlocked phone) that prevents the average jailbreaker than simply restoring to factory settings in order to take advantage of security fixes; before long, this software update would be jailbreakable, and the cycle starts again.

I doubt that the Guardian blogger in question really believes any of the above. What is more likely is that he's read an Apple PR statement and taken their spin as fact, without researching the matter properly.

It's absolute rubbish that jailbreaking makes you more vulnerable to attack.

Firstly, In order for there to be a jailbreak, a hole in Apple software must be exploited. This one (a PDF exploit) is potentially very harmful as simply by displaying a PDF a hacker could gain full control of an iDevice (basically, involuntarily jailbreaking the device without the user's knowledge or permission).

Secondly, it is possible to install a mod that lets you choose whether or not to view PDF files on a case by case basis, but ironically the only way to do so is to jailbreak your device beforehand. Therefore, people who haven't jailbroken have less secure devices more open to attack, until Apple releases a fix.

Thirdly, some of the first jailbreaks, like this one, made use of software exploits (more recent exploits used by jailbreaking applications are hardware based and hence less dangerous as physical access to the device is required). Previously, these exploits were automatically patched by the provider of the jailbreak, securing it from future attack. This can't be done quite so easily this time around as turning off the ability to view PDFs isn't practical. Nonetheless, in these cases jailbreaking made your device more secure, not less.

Dear Guardian et al., please do your research before you repeat Apple's PR nonsense. Simply jailbreaking a device does not make it automatically less secure. Granted, you are more susceptible to malware as jailbreak applications aren't as well vetted as Apple-approved applications, but caution and perhaps a quick Google search before installing an application from an untrusted source should be plenty to protect yourself.

As for why I jailbreak (another common question that is being asked by the mainstream press), I do it because it is my device. I paid for it (and therefore own it), I know what I want to use it for and what it's capable of, and I don't need Apple to mollycoddle me or hold my hand. I'm not an obsessive nerd either, and I'm not doing it for the sake of it; I'm doing it because I truly believe that jailbreaking offers genuine advantages that add significant value to my iPod Touch. Every tweak and application makes it less like a fancy toy and more like a real computer.

Sunday 15 March 2009

Twitter

My definition of twitter:

Basically Facebook status updates, but because you're not necessarily talking to people you know there is less pressure to make what you're typing socially relevant. Which results in either a) fascinating insights into people's minds or b) irrelevant crap. Normally the latter.

What's yours?

Friday 13 February 2009

List of worries

  • Love life
  • Flat politics (apparently note-leaving is now a form of war declaration)
  • Facebook etiquette
  • Getting six hours sleep per night
  • Eating three meals a day
  • Washing up
  • Food Poisoning
  • Alcohol Poisoning
  • Money
  • The essay on French Rural Policy which I still haven't got back yet.
  • The fact that my laptop frequently fails to accomplish relatively simple tasks, then has what can only be described as a digital existential crisis (e.g. Firefox crashes, you can't reload it because the process is still running, attempting to stop the process results in an error, the computer can't be shut off normally because it can't log off until all of the processes have been ended), then slowly grinds to a halt. Fucking PC World, with their shoddy Chinese imports branded with the Advent logo, which isn't even a computer company in the first place; it's owned completely by PC World.
  • Global Warming
  • Homeless people
  • Third World Hunger
  • Natural Disasters
  • War
  • The impending doom of the world economy.
  • Where I'm going to buy obscure DVDs from when zavvi closes down, the ones that are too obscure even for HMV but I must, for some unknown reason, own.
  • Where I'm supposed to go if I have a desperate need for Pic N' Mix now that Woolworths is gone.
  • The evils of capitalism, and my contribution to the world-dominating goals of Tesco, Starbucks, Subway, HMV, Virgin, Wetherspoons, Coca Cola and Cadburys.
  • Who I'm going to vote for come the next election.
  • The unknown risks of caffeine addiction.
  • Whether or not I'm going to hell.
  • All the people I've lost touch with and shouldn't have.
  • Whether I worry too much, or not enough.
  • Whether the crazy man that lives in my head and has produced the majority of this blog post is going to one day take over.
This list isn't necessarily in order, by the way.

Saturday 3 May 2008

"I am writing to solicit your assistance in the noble transfer of US$9.300.000."...

Here's one way of dealing with spam emails:

And yes, I actually did send this!

I give you permission to donate my 30% to a charity of your choice.

Have a nice day.
----- Original Message -----
From: james Owusu
To: owusu_zzzjames_13@yahoo.co.uk
Sent: Friday, May 02, 2008 10:10 AM
Subject: REQUEST FOR ASSISTANCE



From: The Manager,
International Commercial Bank (ICB).
Eastern Region Branch.
Email:james_owuszz1@yahoo.co.uk
Good day,

I got your contact during my search for a reliable,trust worthy and honest person to introduce this transfer project with. My name is Mr.James Owusu.

I am the manager of International Commercial Bank Eastern Region Branch, Ghana.

I am a Ghanaian married with two kids.

I am writing to solicit your assistance in the noble transfer of US$9.300.000. This fund is the excess of what my branch in which I am the manager made as profit during the last two years transactions. I have already submitted an approved End of the last two Years report for the year 2006 to my Head Office here in Accra-Ghana and they will never know of this Excess.

I have since then, placed this amount of US$9.300.000.00 (Nine Million, three hundred thousand United States Dollars) on a SUSPENSE ACCOUNT without abeneficiary.
As an officer of the bank, I cannot be directly connected to this money thus I am impelled to request for your assistance toreceive this money into your bank account. I intend to part 30% of this fund to you while 70% shall be for me. I do need to stress that there are practically no risk involved in this. It is going to be abank-to-bank transfer to your nominated bank account anywhere you feel safer.

All I need from you is to stand as the original depositor of this fund. and contact by this email id:(Email:james_owuszz1@yahoo.co.uk)

I will appreciate your timely response.

With regards,
James Owusu


--------------------------------------------------------------------------------
Yahoo! For Good. Give and get cool things for free, reduce waste and help our planet. Plus find hidden Yahoo! treasure


----------------
Now playing: Charlatans - Love Is The Key
via FoxyTunes

Wednesday 30 April 2008

Gulp...

It's scary how "accurate" adverts can be these days.

Yes, I know it's just an automated script, but isn't it slightly eerie how, upon translating a word vaguely related to religion, you are presented with a company attempting to figuratively buy your heart?

To be fair, it's a well placed ad; if you're spending your free time talking in French about religion on the internet (which I wasn't, I was writing an essay about Monsieur Sarkozy et sa nouvelle femme), then perhaps it is time for you to find yourself a partner of similar beliefs!

Nonetheless, things like this push us ever-so-closer to that scene in Futurama where Fry gets adverts broadcasted into his dreams. Now that would be scary.

----------------
Now playing: Yan Pascal Tortelier: BBC Philharmonic Orchestra - Peter And The Wolf - I. Introduction
via FoxyTunes

Sunday 20 April 2008

Richmond Council targets 4x4-driving-mums - good for them!

I read with interest an articlein The Independent, reporting on Richmond Borough council's plans to start charging parents up to £75 to park outside their local school. I quote:

A pilot project in the London borough of Richmond upon Thames starts in September, affecting 13 schools, and the Local Government Association says similar schemes are likely to be extended across the country.
In Richmond, where the plans have already drawn fire from families and motoring organisations, the permits will allow parents to park in bays near the school for 15 minutes.
The price will be linked to the car's carbon dioxide emissions - drivers of small, low-polluting cars will get a free permit, but parents with people carriers or four-wheel drives will be charged the maximum £75.

Seems like a good plan to me; some parents these days think it is their right to buy a big Range Rover to get their little darlings safely off to school. There are a dozen of them parked outside my school every weekday afternoon. So I think the policy of charging owners of gas-guzzling cars make sense.

Obviously, parents and motoring organisations have attempted to fight back against this new policy. But their arguments are rather weak. This quote in particular made me laugh:

Paul Watters, the AA's head of public affairs, told the paper: "People carriers may be in the higher carbon dioxide bands, but they are very efficient at getting kids to school, considering many are seven-seaters. It might be a better idea to remove the many smaller cars that clog the streets up."

Well yes. But who has 6 children? Since the sitcom 2point4 children, the average number of children per family has decreased to about 1.6, yet the number of parents driving their children to school in ridiculously big cars has noticeably increased. Doesn't make much sense to me. Now, if two or more families choose to share lifts, that's fine, but in those cases the cost of the permit would be shared, right? Furthermore, isn't it the point of buses, not people carriers, to remove cars from the road?
Once again, well done Richmond, for leading the way in discouraging parents from buying ridiculously big 4x4s. I commend you. Now if you'll excuse me, I'm off to drive my 50 mpg car to lifeguards, picking my friend up on the way. Every little helps, as they say.

----------------
Now playing: The Kooks - You Don't Love Me
via FoxyTunes

Thursday 21 February 2008

Time-Wasting Game Of The Week - Desktop Tower Defense

In our sixth form common room, there is a random room next door, containing, amongst other things, two computers for the purpose of looking at online university prospectuses and the UCAS website. Of course, give a bunch of 17-18 year olds access to the internet, in a room very rarely visited by teachers, and what do you get? Hours of time wasted on pointless web pursuits. Of course, there's Facebook, Myspace and the like (not YouTube; it's blocked), but much time is spent on games. There's the old classics of course, but every now and then a new game is discovered, and it launches a miniature craze among the room's regular visitors. This week is Desktop Tower Defense, where you build a load of heavily-armed towers for the purpose of stopping some odd-shaped monsters from getting from one end of the screen to the other. Apparently, it's a remake of an old game. Either way, it's ridiculously addictive; once you've got the hang of it, try the Fun > 10k Gold mode, build up a massive defense, then release a dozen waves of enemies at the same time. Absolute pandemonium ensues. However, no matter how well you think you've built your maze, eventually something will get through, normally a near-indestructable boss, or a weird triangular flying thing that isn't forced  to work it's way through the huge death maze you've just concocted. Once that happens, it's all downhill from there, and everything goes to pot surprisingly quickly.

What will we be playing next week? Who knows...







----------------
Now playing: The Coral - Dreaming of You
via FoxyTunes