This is a very elegant jailbreak. No computer required -- jailbreak from the device (currently supports iPhone 4, 3GS running iOS 4.0 or 4.0.1 and iPad 3.2.1)
I'd like to know how this works, and it does indeed work. Using this method, couldn't any site install arbitrary software on an iPhone through Safari without the user knowing?
Yes. This is a massive security hole that Apple is sure to fix as soon as possible. I don't know if this jailbreak does it, but the old (iPhoneOS 1.1.1) jailbreakme.com not only exploited the TIFF vulnerability, but also patched it so it couldn't be used by anyone else. It would have been nice if they just offered an option to patch without jailbreaking though.
Fortunately, it's not just a copypasta Javascript exploit or anything of the sort - you have to actually know what you're doing in detail to modify this exploit to do what you want.
It uses a PDF exploit (yes malicious site could also use this). Currently MMS and Facetime is being broken for many people. I suggest waiting until the kinks are worked out.
This is a very elegant jailbreak. No computer required -- jailbreak from the device (currently supports iPhone 4, 3GS running iOS 4.0 or 4.0.1 and iPad 3.2.1)
1) Visit http://www.jailbreakme.com from your device.
2) Slide your finger.
2) Your device will be jailbroken. Cydia will be added to your home screen.
</notspam>