And just like that, Apple‘s methods for detecting jailbroken iPhones went up in smoke. We’re referring, of course, to the jailbreak detection API that the company recently introduced as part of its iOS 4 update. Lasting a mere six months, the detection API is now gone as of iOS version 4.2, forcing device management vendors to turn to alternate approaches to detect jailbroken devices.
There’s been no reason as to why the switch occurred on Apple’s end. However, the company has always found itself in a kind of cat-and-mouse battle throughout the iPhone’s existence—just as soon as it unveils a new method for protecting phones or, in this case, alerting users to jailbroken devices, enterprising iPhone hackers seem to find a way to work around Apple’s techniques.
“It may be feasible to detect jailbreaks of a specific version or type, but they will still be trapped in the cat and mouse game they play with jailbreakers,” said Jeremy Allen, principal consultant with Intrepidus Group, in an interview with NetworkWorld.
“Whatever they add to detect the jailbreak, if it is to be queried from the iOS kernel, it must be accessible and have the ability to be changed. Meaning, if it is going to be a useful detection method it can also be circumvented. It is a fairly intractable problem to solve one-hundred-percent,” he added.
[RELATED_ARTICLE]In this case, the specific API allowed mobile device management applications to essentially query the iPhone itself and ask the device whether it’s been jailbroken or not. That’s made possible by the fact that a number of jailbreaks change specific files used by the operating system and, as well, exploit the underlying code in some fashion. This “unlocks” the iPhone and allows users to install third-party applications not otherwise found in the App Store or, crazier yet, full-fledged OS replacement s and other more advanced tweaks.
Once an iPhone coughed up the fact that it had been jailbroken using Apple’s API, an enterprise application could take actions to prevent the offending (and possibly unsecure) device from connecting up to a corporate network or email server. As well, a centralized IT department could be notified that a device was modified in an unauthorized fashion.
That said, mobile device management applications do have other ways of checking for jailbroken phones that don’t themselves rely on Apple’s now-defunct API. For example, an application can attempt to perform functions within iOS that are otherwise forbidden by the software on a standard iPhone. If the application is successful, then it knows that said device has been tweaked by the end user.
Copyright © 2010 Ziff Davis Publishing Holdings Inc.