iPhone users — go directly to jail

The first bit of malware for the iPhone that was seen "in the wild" (the Ikee worm) was really nothing more than a harmless prank. However, people with malice on their minds took it and ran with it, turning it into genuinely dangerous software (called "Duh") that could take control of your iPhone and use it for their purposes, not yours. If you were affected, you had very good reason to be concerned.

But what about the rest of us?

I have to admit I wasn't even going to write about the worm, which affects only jailbroken iPhones. But last night I got a phone call that made me reconsider my position.

It was a former colleague — not an unintelligent guy nor technologically naive — worried about this threat to his iPhone's well-being. He'd read a story about how security firm Sophos had managed to discover the password required to regain control of your iPhone, and also Sophos's recommendation that people should change the password from its default. Thing is, Sophos didn't give any instructions on how to go about doing this.

"So how do I change the password on my iPhone?" he asked.

"Is your iPhone jailbroken?" I asked.

"What does 'jailbroken' mean?" he asked.

At this point I knew he was pretty safe. If he didn't know what jailbreaking was, he probably hadn't done it. Still, I had to be sure.

"It's a way of cracking some of the measures Apple puts in place so that, for instance, you can only put software distributed via the App Store on your phone, and only use it on approved networks. That kind of thing."

"I don't know if mine is jailbroken. I'm on Optus," he said.

I shan't bore you with every detail of the conversation, but at that point you should have the same feeling I did: that his iPhone is not jailbroken and he's safe from the worm, but he really needs to know more about this stuff so that he can stop worrying.

My former colleague is exactly the type of iPhone user this worm is targeted at: people who know enough about the thing to follow instructions, but not enough to understand all the implications of what they're doing. The people who painstakingly figured out, step by step, how to circumvent Apple's locks in order to free up their iPhones know about security. They know about passwords, they know about root users, and they know about malware. When they jailbroke their phones, they no doubt changed the password from its default (which, I understand, is "alpine").

It's the people who wanted to do it but didn't know where to start, who searched on the internet and found the instructions and followed the tutorials or even simply ran the pre-packaged scripts to jailbreak their iPhones, who are at risk. They may not have bothered to change the default password for root access to their iPhones, or even realised such a step existed.

To all of them I have this advice: get your iPhone back in jail. Apple put those restrictions in place not merely to make your use of the iPhone unpleasant and limited, but to protect you from exactly this type of threat. A non-jailbroken iPhone is not at risk from this worm — not even a little bit.

That's not to say there won't be a threat to a stock iPhone at some point in the future. There may well be, but there isn't one now. And when there is one, it will be Apple's responsibility to protect you from it. People who jailbreak their iPhones and then complain because the security was compromised are missing a basic point: they're the ones who compromised it. Not the fellow who wrote the original worm, nor the baddies who took that work and ran with it, turning it into something nasty. And certainly not Apple.

Apple put a padlock on the door, and you smashed it with a hammer — you can't blame Apple that a robber got in.

Incidentally, if you believe your jailbroken iPhone may be compromised, the password you need to use to log in and regain control of it is "ohshit" — pardon my French. If you've jailbroken your phone, but you have no idea what I mean by log in and regain control, take it to someone who knows about these things — perhaps whoever it was who helped you jailbreak the thing in the first place — and get them to fix it.

Then reinstall Apple's iPhone software and don't jailbreak it again.

Read the instructions from Sophos's Paul Ducklin for regaining control of your infected iPhone.