Jailbreaking an iPad Exposes Vulnerabilities

At the McAfee FOCUS conference in October of last year, members from McAfee Labs™ spoke about malware and other threats that affect security. One of the most popular events was when they brought an iPad on stage and did a live hack.

The researchers were able to remotely watch as a user accessed his email and even interacted with the device by accessing the iPad via an unprotected wireless Internet connection (like many of use in a café, airport or other public place).

The issue that made the iPad vulnerable has since patched, but the tools used in this hack were some that are also used to “jailbreak” a mobile phone or tablet.

Jailbreaking is the process of removing the limitations imposed by Apple and the associated carriers on devices running the iOS operating system. A jailbroken iPhone or iPad breaks Apple’s security and allows users to download applications, some of which are pirated from unofficial third party stores.

Similar to jailbreaking, rooting is the term used for this process of removing the limitations on any mobile phone or tablet running the Android OS.

Jailbreaking or rooting your mobile device may be desirable in some cases for some people, but what we all need to be aware of that by doing so, we are opening the device up to vulnerabilities which can be used for malicious purposes.

Here’s the link to the full paper that was written from this demo:

The lesson we all can learn from this? We need to protect ourselves by:

Using strong passwords and locking our devices

Ensuring that anti-malware and anti-theft protection are in place on our mobile devices

Taking precautions when using public Wi-Fi connections

Being aware of what we do online and how it can make us vulnerable

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube.(Disclosures)