So how does it work? JailbreakMe.com first surfaced at the end of 2007, carrying a similar web-based jailbreak for iOS 1.1.1. The hack exploited a vulnerability in Apple’s Mobile Safari browser to inject the jailbreak code into an iPhone or iPod Touch. Interestingly, the original JailbreakMe.com hack for 1.1.1 would fix the mobile-Safari security hole after exploiting it. It didn’t take long for Apple to release the iOS 1.1.2 update, officially sealing up the Mobile Safari bug for good. Jailbreakers from then on relied on PC-based tools to hack their devices.
Upon JailbreakMe.com’s recent resurfacing, initial reports claimed the hack used a security hole in Apple’s Mobile Safari once again. However, this has been confirmed to be false. Instead, the hack uses an exploit in a component for displaying PDF files. The hack simply uses Safari (which can obviously view PDF’s) to load a custom file containing the jailbreak code. It is not clear at this time whether it seals the security hole afterwards.
Despite the recent legal ruling on jailbreaking, Apple maintains its firm policy against it. While the hack is reversible, your warranty may be voided and Apple will not support devices that are known to have been jailbroken. For that reason as well as obvious security risks, I’m sure we’ll be seeing a fix for the PDF exploit in an official update soon.
Today @ PCWorld has highlighted the jailbreak process via JailbreakMe.com as well as some of the risks and problems (particularly on iPhone 4) with the tool. It is definitely worth reading if you are considering using JailbreakMe.com to hack your device.
Follow Mike Keller and GeekTech on Twitter.