While Apple strongly discourages jailbreaking its devices, some users do it anyway to get access to operating system enhancements or tweaks not available through Apple.
Jailbreakers enjoyed copy-and-paste functionality in iOS long before it was introduced by Apple in iOS 3.0, for example. And an app that allowed users to turn their phone into a Wi-Fi hotspot so they could connect their tablet to the Internet was available for many months before Apple introduced its functionally similar Personal Hotspot feature.
But jailbreaking is a bad idea, say security experts. Users that jailbreak their iPhones or iPads leave themselves open to data theft and risk hackers wreaking havoc on their corporate networks, said Michael Shaulov, a mobile security expert and head of mobility product management at security company Check Point Software Technologies.
Apple’s iOS mobile operating system is the most secure one for most enterprise users, he said, but only if they don’t jailbreak their devices.
“Apple has baked security enhancements into the iOS kernel, and some important ones are removed when you jailbreak,” he explained. “When you jailbreak your device, you convert a secure sandboxed operating system to something where any app can tamper with data from other apps.”
Apple places a restriction on its iOS software that means that — with certain exceptions — only software that has been vetted, approved and signed by the company and installed from Apple’s App Store can be run on its mobile devices. Although Apple’s vetting procedure is not perfect, it does reduce the likelihood that an app offered in the App Store is malicious.
Jailbreaking overcomes this restriction. Once a device has been jailbroken, users can download and run unsigned applications from an alternative iOS app store called Cydia, and from any other source that they may come across. This means that users may unwittingly download malicious software that compromises their mobile device security.
Jailbreak Detection ?
That’s one of the key reasons that most enterprises forbid users from jailbreaking their iOS devices if they are used for work purposes. It’s also why most enterprise mobile device management (MDM) systems include jailbreak detection among their features.
Jailbreak detection allows administrators to block jailbroken devices from accessing the network, to delete corporate information from the device or, if the device is owned by the enterprise, to require that the device be returned to a non-jailbroken state.
It’s worth noting at this point that forbidding users from jailbreaking their devices – and enforcing this rule with jailbreak detection – can’t stop users from running unapproved apps entirely. Developers (including malicious developers) can sign their applications with an Apple enterprise certificate if they have access to one, and this allows the applications to be installed on any iOS device without Apple approval and without going through the App Store.
(Enterprise certificates are intended to allow enterprise developers to create custom apps which can be installed and run by people within their own organization.)
It’s also worth noting that jailbreak detection is not 100 percent accurate. A highly competent attacker that compromises a jailbroken iOS device gains complete control over the device. That means that they can intercept calls to operating system functions, and therefore in theory they can defeat any MDM’s jailbreak detection functionality, making it report that the device is not jailbroken even when it is.
Blackberry has attempted to solve this problem with its new Priv handset by embedding cryptographic keys in the handset hardware. These can be used to verify that the operating system has not been jailbroken or otherwise tampered with and can’t be modified by malicious software.
Jailbreaking: Security Risks and Benefits
But does a jailbroken iPhone or iPad pose a greater security risk than a non-jailbroken one?
Even though software installed from Cydia is not vetted by Apple, the ability to install software from this alternative app store can sometimes actually enhance security.
Apple is often slow to release operating system updates that provide fixes to known security vulnerabilities, leaving iPhone and iPad users at risk of compromise until the updates are made available. On a number of occasions in the past, Cydia developers issued their own patches to fix vulnerabilities long before official Apple fixes were made available.
Cydia developers do not always provide patches before Apple’s official ones, of course, and in some cases jailbroken devices may be vulnerable for longer than non-jailbroken ones. When Apple releases an update to iOS, it frequently patches the vulnerabilities that allow the device to be jailbroken in the first place. That means people with jailbroken devices are often reluctant to update their devices to the newest version of iOS, because doing so would mean that their device would no longer be jailbroken. But by failing to update, the vulnerabilities remain unpatched.
When users jailbreak their devices, the risks far outweigh the potential benefit of having access to the occasional early security patch, Shaulov said.
For example, since jailbreaking undermines iOS’s sandboxing capabilities it is far easier for a hacker to take over a device completely using remote exploitation from a website. “On a non-jailbroken device it is difficult for a hacker to ‘own’ your device,” he said. “But to do that on a jailbroken device is easy, as you just need one exploit, not a whole chain of exploits.”
iOS Security Caveat
A final thought: While iOS may be the most secure mobile system for typical enterprises, Shaulov contends that it doesn’t hold true for “high value” enterprises that are likely to be targeted by nation-state agents or particularly sophisticated hackers. Such attackers are capable of compromising any device and operating system, he said.
“The fact that you rely on a monolithic operating system (like iOS) actually makes it easier for a skilled attacker to own you completely,” he warned. “If you are likely to be targeted by a nation-state then having fragmentation (using different versions of different Android-based operating systems) may actually help you.”
Paul Rubens has been covering enterprise technology for over 20 years. In that time he has written for leading UK and international publications including The Economist, The Times, Financial Times, the BBC, Computing and ServerWatch.
