Saturday, August 14, 2010

Protect your Jailbroken iPad from Malicious Variants of Jailbreakme

Apple recently released firmware 3.2.2 for the iPad, which patches the very large security holes exploited by @comex in the 2nd incarnation of jailbreakme.com. I recommended that those iPad owners, that had Jailbroken their iPad, to not install the patch.  If you were to installed the patch you would patch the security hole and make your iPad no longer vulnerable to truly malicious variants of jailbreakme (these variants aren’t out yet, but they’re sure to come!), but you would lose your Jailbroken abilities and apps on your iPad. No fun!

Luckily for us, the Jailbreak community has a way for use to remain free and protected.  @saurik has been burning the midnight oil coding a Cydia package call PDF Patch (CVE 2010 1797) that fixes the holes for not only the iPad, but for all idevices and all firmware versions (even going back to version 2.x!).  Apple's patches excludes the iPhone2G and iPod Touch 1G users.                                                      

Since the only reason for 3.2.2 was to fix the security holes, and since the upcoming Cydia package fixes them too (and then some!), everybody should sit tight on 4.0.1 (or lower) and install the Cydia package called PDF Patch.  Jailbreakers can have their cake and eat it too. 

To install, simply launch Cydia and click the "Search" icon.

Photobucket

Click the search field and type "PDF Patch"

Photobucket

Tap the "PDF Patch CVE 2010 1797" item that appears

Photobucket

Click "Install"

Photobucket

Click "Confirm"

Photobucket

The PDF Patch will install

Photobucket

Click "Restart Springboard" and wait for the device to reboot.

Photobucket

To test that it’s working properly, visit jailbreakme.com again.  

Photobucket

After you slide to jailbreak, you should no longer see a dialog box pop up

Photobucket

You’ll just see the star background.

Photobucket

That means you’re no longer vulnerable!

No comments:

Post a Comment