Skip to main content

Jailbreaking iOS is a Dead Man Walking


Rumor has it that Apple will include a new security feature (possibly known to the developers in Apple as "Rootless") in the upcoming releases iOS 9 and OS X 10.11. Although details are sparse, it looks like Apple may have implemented what other UNIX systems call "namespaces" (See this nice discussion of namespaces on Linux).

Most of the public speculation about the rumor concerns a possible end to jailbreaking, a sport which has fallen on hard times with successful jailbreaks coming fewer and farther between. Since the defects which enable jailbreaking are inherently open to malware, Apple's ongoing efforts to find and fix these bugs with the LLVM/Clang compiler's ever-more-diligent static analyzer make it harder for the jailbreak community to find a toehold.

However, a namespaces-like security architecture might fix one of the biggest issues that leads people to desire a jailbroken iPhone. When iOS was created, the system extension features were locked down to Apple-only development, in order to (dramatically) improve the security posture of the iOS devices. This strategy, in combination with other features like digital signatures on third-party software, has been successful, too. Malware on iOS is essentially non-existent (although there has been at least one interesting bit of malware discovered on jailbroken iOS devices). The trade-off is that third party developers cannot extend the system, as they can on the Mac.

With an operating system kernel architecture based on namespaces (or something like it) Apple would be in a position to begin relaxing the restrictions, allowing developers to build plugins which extend basic iOS services—at which point there's very little remaining incentive to jailbreak a device. Don't expect plugins on iOS right away, though. Apple is likely to test out the robustness and iron the wrinkles out on the smaller pool of OS X devices, before re-introducing something like plugins and system extensions on iOS the following year.

If the new Rootless features are indeed based on namespaces, there will be other benefits, aside from improved security of the system, such as improved performance of virtualization systems running on OS X and native support for cloud services platforms and tools like Docker. Since Apple is one of the largest cloud services vendors in the world, this sort of improvement to OS X seems even a little overdue.

Another interesting possibility: SVA (see their site: Secure Virtual Architecture), a memory safety approach that's basically been a research project for years, emerging from the same community as LLVM/Clang. Maybe Rootless is an SVA-like implementation?

WWDC 2015 is right around the corner. If there's a kernel of truth in the "Rootless" rumors, perhaps Jailbreaking is dead. If so, it's probably a cause for celebration, rather than mourning. Long live Rootless secure system extensions.


Comments

Popular posts from this blog

Verified by Visa (Veriphied Phishing?)

If you have used a Visa card to make a purchase online lately you may have encountered a relatively new program, Verified by Visa . I've encountered it twice. The system is an interesting attempt by Visa to reduce online fraud and identity theft. It's a noble effort, but the user experience is unsettling, and the security implications are not exactly crystal clear. Here's what happened to me, both times the system was activated. I was redirected away from the domain at which I was shopping, to a URL which was: not the domain where I was shopping, not the domain of the bank that issued my card not visa.com I've been telling people for years that if anything like that happens to you, close your web browser immediately and do not under any circumstances enter any personal information into the form, because this is a sure sign of a man in the middle or phishing scam. (Never mind that all the best phishing scams now-a-days look like the actual domai…

Hacker 0x80 0wn3d by FBI (Arrested after Accidental Outing by Washington Post) [1]

What can the botmaster 0x80's impending misfortune [1] teach us about information security? Quite a bit. What the botmaster and the reporter didn't count on is a security risk known as "the aggregation problem" or "point and click aggregation". It's not surprising, as even practicing security professionals are often unaware of this problem, or vaguely aware of the concept but not the name. Information Security dictionaries online generally lack the terms, and don't mention them in their discussion of "disclosure" either. The aggregation problem happens when a series of small facts, any one of which if disclosed present a minimal security risk, combine to present a greater security risk when disclosed together. When aggregated, information from publicly available sources may accidentally disclose information that was intended to remain confidential. As it happens, an IETF glossary contains a definition of the basic term. RFC 282…

Virus Vulnerability for RFID (Radio Frequency ID tags)?

The breeding ground for the computer virus will be expanding continually and rapidly over the next decade as appliances, automobiles, and all manner of other things become equipped with wireless networking and miniature computers. Cell phone and similar networks may enable worms to leap between devices over long distances and other networks over short distances. Researchers have recently demonstrated that RFID tags may be vulnerable next. Articles on the topic: RFID worm created in the lab [NewScientist.com]Viruses leap to smart radio tags [BBC.co.uk]RFID tags could carry computer viruses [SecurityFocus.com] The details for the curious: RFID Viruses and Worms The AntiVirus paradigm that we [the IT community and industry] have foisted upon PC users is already breaking down under the strain of too many virus variants and too many non-technical PC users. The paradigm probably won't work at all for cell phones and the paradigm is completely broken for the typical RFID device whi…