Many sources are reporting on the existence of an iPhone "Worm" that RickRolls the phone's user. Harmless, but troublesome.
It should be noted, however, that this isn't exploiting a known security hole in the iPhone, but rather is a side-effect of one-button JailBreaking. By packing up the JailBreak process so that anybody can do it, regardless of their level of technical knowledge, the JailBreak community has handed less technically adept people a loaded gun that they've never been trained to use. People in the jailbreak community know enough to change the default password used by their jailbroken phone's SSH server, but many of the less-technically adept people who have used Quick-PWN and other JailBreaking tools do not. Some of them likely don't even know what SSH is.
This time, people are only shooting themselves in the foot. Next time, it could be the head. Next time, it could impact all of us. Instead of a RickRoll, it could be a DDOS attack that degrades AT&T's already horrid network.
if you're going to jailbreak your phone (and personally, I would rather you didn't), it's your responsibility to make sure you understand the risks you are taking by doing so, and that you take reasonable steps to secure your phone. If you don't know enough to do that, leave your phone the frack alone.
I fully expect Apple to redouble their efforts to prevent JailBreaking and, you know what? It's perfectly understandable. The idea of a totally open and unrestricted device is great, in theory. It would be great if all the people with those open and unrestricted devices were all technically adept super-users or developers. When you throw less-techical people into the mix with a device that's always connected to a shared network, the theory falls apart. Simply put, most people should have a locked-down phone, and it has nothing to do with wanting to restrict what you can do with your device, it has to do with making sure the rest of us are able to use ours.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment