

"Apple Is Not Fighting Jailbreaking": Wait, What? - spcmnspff
http://www.osnews.com/story/23748/_quot_Apple_Is_Not_Fighting_Jailbreaking_quot_Wait_What_

======
lurch_mojoff
As Chairman Gruber already replied [
<http://daringfireball.net/linked/2010/08/30/holwerda> ] Thom is
misrepresenting or at least misinterpreting his statement and its context. In
order to say that Apple are "fighting" jailbreaking we'd have to see them
taking active steps in preventing it - e.g. putting an e-fuse, like the one in
some Motorola Droid phones, in the iPhone or at least have something on the
device verify the origin and integrity of iOS images before allowing them to
be installed or run. Just because Apple are patching the vulnerabilities used
in jailbreaking and have stated that they won't support jailbroken iPhones, I
would not say they are fighting it - not enabling or encouraging it,
certainly, but not fighting it.

I also want to take exception to Thom's statement that Apple "fought hard to
maintain jailbreaking as an illegal activity". It might not have been "[a]
figment of our collective imagination", but without a shred of support
provided in the post, it might very well have been. And I don't think Apple
care too much about its legality. Yes, we love to poke fun of how litigious
Apple are, but I can't remember them picking a fight that they don't have a
good chance of winning. Certainly the folks at Apple realize they won't be
able to stop the practice of jailbreaking by pulling a RIAA and carpet bombing
jailbreakers with lawsuits. As I said, if Apple wanted to prevent
jailbreaking, they would have come up with an effective technical measure to
do so, not a legal one.

~~~
modeless
_have something on the device verify the origin and integrity of iOS images
before allowing them to be installed or run._

iOS already does this. The device won't accept an iOS image unless it has been
signed by Apple. Not only that, but iTunes now "verifies with Apple" over the
Internet that you are allowed to install the update before proceeding. Not
only that, but _all_ binaries including App Store apps and even debug builds
of apps produced by the iOS SDK must be signed.

I think Apple is using all the "effective technical measures" available to
them. The only way to run code not signed by Apple is to exploit a
vulnerability, and e-fuses wouldn't patch the vulnerabilities that allow
jailbreaking. At best e-fuses would allow Apple to brick a jailbroken device
if the owner was foolish enough to attempt an OS upgrade. The only way I could
see them making iOS tighter is rewriting the whole thing in a safer language
than C to cut the number of vulnerabilities.

~~~
ugh
I’m not really all that informed about the details of the iOS but didn’t Apple
do this since day one, long before there even was a App Store? Before the
first jailbreak came out? If it has been this way forever I see no way how you
could call this ‘fighting’ jailbreaking.

~~~
modeless
Before the iPhone even came out it was obvious people would try to jailbreak
them, and signed firmwares are a necessary part of jailbreak defense. You're
right that Apple couldn't have been defending the App Store from jailbreaks
before it was invented, but back then they _did_ care about the carriers. They
had a lot to prove. Now Apple is the darling of the industry and they have no
reason to kowtow to the carriers any more, but they continue to fight
jailbreaks to protect the App Store.

------
nanairo
Great example of a false dichotomy. It's not _if_ Apple if fighting
jailbreaking but _how_much_ they are.

Apple definitely goes for the low hanging fruits: any avenue that is
relatively simple to fix gets fixed. And obviously anything that is a serious
security flaw gets fixed.

And, despite how much the hackers may hate it, Apple has (and has always had)
a philosophy where they do not care much for side-effects, or annoying a minor
niche of jailbreakers. What I mean is that, if you find a way to hack your way
around Apple's system, Apple doesn't care, but at the same time if/when Apple
is going to upgrade the system or make changes you can't expect _any_ effort
by Apple to not disturb your hack. That means they don't care about
downgrading, and they don't care if an upgrade makes the jailbreak not work:
that's your problem.

How much further than that they go? So far I haven't see much. They could have
really pursued it further. And maybe one day they will, but not so far.

~~~
megablast
If they fix a security hole deliberately, or change something in the firmware
that stops the break from working, that does not mean they are fighting
jailbreaking.

And there has been no evidence to suggest that they are going actively doing
this, thought they still might be.

------
av500
Apple is not fighting jailbreaking, at least not with more than token efforts
to appease people like AT&T and other carriers. All iPhones revisions out
there can be jailbroken and can be unlocked and there is a huge number of
iPhones out there in countries that don't even have an official iPhone
carrier.

Apple collects a nice sum of money for every iPhone sold and does not care
whether that was carrier subsidized and whether said carrier now makes a loss
due to the fact that the phone was jailbroken and unlocked and used one a
different network.

~~~
modeless
Apple is fighting jailbreaking, but not for the carriers. (Steve Jobs famously
called them "orifices".) Apple is fighting jailbreaking to prevent piracy of
App Store apps.

~~~
masklinn
And they really aren't fighting it very hard. The last thing they fixed was a
remotely exploitable hole which, when combined with another bug, let remote
root a phone without the user's knowledge from a mere web page.

~~~
modeless
The fact that a remote root vulnerability existed means Apple doesn't care
about jailbreaking? By that logic OpenBSD doesn't care about security because
they've had _two_ remote root vulnerabilities.

~~~
ugh
I guess the point he was making is that making jailbreaking impossible by
fixing the vulnerability was absolutely necessary.

~~~
modeless
Oh, I see, but that doesn't demonstrate his point that Apple isn't fighting
jailbreaking very hard. For that he would need an example of a vulnerability
that Apple _didn't_ fix.

~~~
ugh
Well, there’s a thing that won’t happen :)

I guess the point is that updates which fix vulnerabilities (which are the
only way to jailbreak) can never be evidence the Apple is fighting
jailbreaking. Apple will always fix vulnerabilities, everyone always should.

~~~
modeless
Remotely exploitable vulnerabilities, yes, but local vulnerabilities are much
less urgent to fix. If Apple truly didn't care about jailbreaks, local-only
vulnerabilities might stick around a _lot_ longer.

