Thursday, November 5

I’ve hacked you – now pay me!

All this week, Dutch iPhone users have been seeing this message on their beloved devices

your iPhone has been hacked because it’s really insecure! Please visit xxxx/iHacked and secure your iPhone right now

Together with a request for $4.95 for help securing their phone.

What’s going on?

It turns out that an enterprising Dutch teenager (PureInfinity92) managed to hack a large number of Jailbroken iPhones, flagging up a couple of well known security breaches. He used a combination of port scanning and OS fingerprinting to find iPhones in T-Mobile's 3G IP range and exploit a known security risk in those that were jailbroken (OpenSSH is installed with the same root access and password on all devices!)

Unfortunately for his entrepreneurship, he was quickly outed, and his paypal account blocked. He has apologised to all, offered refunds to those who paid up, and made his security advice available for free

In fairness to the guy, his original message did say:

If you don't pay, it's fine by me. But remember, the way I got access to your iPhone can be used by thousands of others. And they can send text messages from your number (like I did..), use it to call (or record your calls), and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advise to secure your phone (: Have a nice day!"

Find out more from the original Dutch posting (translated by Google)

So – why use Jailbreak at all?

One of the biggest problems with using iPhones, and iPod Touches as learning tools is the “closed shop”, when it comes to sharing, and distributing Apps. Teachers cannot easily share content they have made.

Developers need to pay, and be approved by Apple. All applications need to go via Apple(iTunes), and be approved by Apple. Added to that, many countries (like most of Africa!) are not even allowed to download apps from iTunes. This is a MAJOR restriction on educators looking to make and share applications.

Jailbreak is the widely used, though not-quite-legal technique of unlocking your iPhone so that applications can be directly uploaded without going via iTunes and the AppStore. Unfortunately though, it is (by definition) not as secure as the Apple’s proprietary approach, which is why PureInfinity92 managed to hack as many phones as he did.

 

Our m-learning.org team do certainly not recommend jailbreaking your iphone, though we are very against the current restrictions on regular teachers making and sharing Apps and look forward to the time that Apple opens access to their Apps up a little more (like all the other mobile App stores!)

No comments:

Related (possibly!)

Related Posts with Thumbnails