Filed under: Analysis / Opinion, Enterprise, Blogging, iPhone, Jailbreak/pwnage
Hiring a new sheriff: Apple clamping down on jailbreaking to soothe corporate angst?
With the latest jailbreaking code, blacksn0w, now available for Geohot's blackra1n utility, iPhone owners who want to free their favorite smartphone from the constraints of the App Store and the AT&T network may do so. But a recent report by PCWorld / Network World indicates that Apple is hiring a new "sheriff" to lock up the iPhone platform for good. Is this true? Maybe not.According to the post by Network World blogger John Cox, an Apple corporate website is showing a job posting for an iPhone platform security manager. The manager would lead a team aimed at creating methods for secure booting and installation of the iPhone OS, strengthening the platform's cryptographic services, partitioning and hardening internal security domains, and providing risk analysis of security threats.
The post goes on to breathlessly state that this job posting (which is noted as filling an existing position, not creating a new one) is indicative of Apple's concern that enterprise users might jailbreak and unlock their iPhones. The jailbroken phones would let enterprise users load apps that could "threaten corporate data or back-end Exchange servers," and "unlocking the phone... makes it hard to track, monitor and optimize wireless costs and could open the enterprise to legal problems."
Why is it so important for Apple to crack down on jailbreaking and unlocking? Well, the post says that many enterprises are adopting the iPhone "despite the fact that Apple provides virtually no security or management infrastructure..." That last statement is a bit ridiculous, considering that Apple even provides a series of white papers on exactly how to implement secure, managed iPhone deployments in enterprises.
Perhaps the author has been out the enterprise world for a while, since alterations like jailbreaking and unlocking are forbidden by policy in almost all big businesses that provide their employees with phones. As Mike Rose put it succinctly, "What enterprise user is jailbreaking their phone to use T-Mobile when that means they won't get reimbursed for their cell costs? What enterprise user wants to risk getting cut off from Exchange access?" And what enterprise employee is going to risk his or her good graces with the corporate security team for the sake of being able to run SplatCam or Cycorder on the iPhone?
The post tries to tie the rather innocuous task of filling an open job posting to an attempt by Apple to try to shut off the jailbreak world -- which, if it is doing, isn't necessarily about covering corporate requirements. As long as there are people who want to jailbreak their phones or unlock and move them to a different GSM carrier, hackers will find a way to do it. To us, it appears that Apple is just trying to maintain and improve security for the iPhone platform, something that will benefit all iPhone owners.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Andre said 1:06PM on 11-10-2009
I would only Jailbreak to unlock my phone. All Apple needs to do is make legitimate unlocking easy, and they'll solve a good chunk of the issue.
Reply
NoAndThen said 1:18PM on 11-10-2009
You're crazy, Andre.
Sure many people do it to unlock, but if I couldn't run sbsettings, backgrounder (pandora while browsing the web? Yes please,) run AFP to view my iphone in Finder over wifi, and have quick reply to texts, and a flashlight that actually gets bright, and pdanet (at a minimum) I would ditch my iPhone.
Abso-freaking-lutely, I said it. Although I think in addition, we can all agree having emulators is freaking awesome. Even more so if iControlpad ever comes to fruition.
Reply
Michael Rose said 1:33PM on 11-10-2009
Is your iPhone connected to your corporate Exchange server? Mind if I get the number of your employer's IT security hotline and have a quick chat with them?
The point isn't that there's an ongoing tit-for-tat struggle between Apple's security folk and the jailbreak community; that's not news. NetworkWorld tried to *make* it news by coming up with this cockamamie business about jailbreaking being such a threat to enterprise use that Apple HAS to crack down.
Hogwash.
Dave said 3:54PM on 11-10-2009
Well I work for a Fourtune 100 company and the VP of Technology asked me to unlock an iPhone for the CEO... So big corporations do want unlocked iPhones.
I did change the root password though.
mikeB said 1:21PM on 11-10-2009
I've gotta agree with NoAndThen. I have zero interesting in unlocking my phone using blacksn0w. I'm jailbroken purely for the added application functionality.
Reply
Jents said 3:42PM on 11-10-2009
The jailbreaking tools are used to circumvent the 3GS encryption. Jailbreaking The Enterprise wants Apple to correct this to ensure compliance with federal and state data security regulations.
Reply
MJedi said 1:36PM on 11-10-2009
Maybe Apple should work on keeping MobileMe up and running instead of wasting their resources on stopping jailbreaking.
Reply
jonathan said 1:40PM on 11-10-2009
seriously. i havent had access since about 11AM
jb510 said 1:39PM on 11-10-2009
If Apple were to offer similar functionality JB/UL, which enterprise (phone owners) could securely DISABLE, then the JB/UL community would all but vanish overnight. Enterprises (phone owners) could then disable the functionality in their "secure" environments and those that wanted to could install and switch carriers to their hearts content. There wouldn't be an active JB/UL community to attack the included lock down mechanism and everyone would be happy even Apple...
Reply
AriX said 1:55PM on 11-10-2009
Umm, what now? Improving security will benefit all iPhone users? Maybe the ones that don't jailbreak or need/use jailbreak features.
Maybe if they were less insane with their restrictions, we wouldn't need our phones to have terrible security in order to use them to their fullest.
Reply
phlyingpenguin said 1:58PM on 11-10-2009
As much as people would love to have Apple open up the iPhone and eliminate the need for jailbreaking, I think the community has already shown its trustworthiness with such power through the RickRoll worm. Leaving a root password set default and without instruction to users who wouldn't know better is plain stupid. I've been waiting for alpine to rear its ugly head since the first time I tried a jailbreak. The bottom line is that jailbreaking is giving power to users who don't understand what's going on, and can't wield it correctly. I think an enterprise user fits squarely in this category as I've seen plenty of them in my own organization who are more than happy to blindly install firmware hacks and unofficial/unapproved software without any second thought.
There are of course downsides to an unjailbreakable iPhone that may make iPhone less desirable for some users, but I really doubt those few users leaving the platform would put much of a dent in the iPhone user base. I like the idea of "if you can't open it, you don't own it," but realistically, I'm not sold on opening the iPhone being as easy as jailbreaking is today.
Reply
hmlong said 6:47PM on 11-10-2009
"...the community has already shown its trustworthiness..."
Not to mention installing cracked applications. When 80% of your application base is using the cracked version instead of the paid one you know just how "trustworthy" the jailbreaking community actually is...
Steven j said 2:57PM on 11-10-2009
Blacksnow is not a jailbreak tool it is an unlocking tool
a user must run a jailbreak process in order to access the root of the phone apple has protected in order to run the scripts which enable the unlock.
I am sure a good 75% of users here understand this but:
jailbreak: the act of opening your phone to be able to run non apple approved apps -the phone can still stay on the original carrier.
Unlock: the act of modifying the baseband (software used to instruct the phone to look for either a specific network like AT&T or any network as determined by the sim card inserted into the phone
Not everyone who jailbreaks will unlock and blacksn0w is for unlocking. Blackta1n is a jailbreak
i am pointing this out because it seems very irresponsible for this site to confuse them.
Of the two processes, a jailbroken phone is the less problematic if you require service as a jailbreak can be 100% undone via a fresh restore.
An unlock on the other hand often modifes files that stay modified.
Long and short - a jailbreak will almost never "brick" your phone. An unlock is a little more likely to run into permanent problems.
Reply
JD said 3:49PM on 11-10-2009
"To us, it appears that Apple is just trying to maintain and improve security for the iPhone platform, something that will benefit all iPhone owners."
C'mon, you just threw that out there to boost the comment rate on this non-news, right? Saying something that is patently untrue ("all") not just of your readership, but even of that editorial "us", as we all well know. Please correct your error -- or wade into the deep politics of telling us how something we don't want is nevertheless better for us.
Reply
kfresh said 4:33PM on 11-10-2009
I was thinking a lot about this today. It now makes sense why Apple initially tried to partner with Verizon for the iPhone in the U.S.. Their CDMA phones would have made unlocking that much more difficult. The lack of a SIM card would have sandboxed it in pretty tight. The other carriers would have to knowingly activate a phone not intended for their network and would have been able to control data usage costs much more easily.
The network quality would have been much more solid too. Verizon with an iPhone would have been fabulous. And may be a negotiating point in future partnerships.
Reply
Aaron said 4:51PM on 11-10-2009
I (sort of) understand why Apple would want to try to eliminate security holes in the iphone os so unlocking and jailbreaking is not feasible, but the ipod touch? That can't be legal - what argument would they have for preventing us from jailbreaking to use custom themes, backgrounder, etc? Sounds pretty illegal of them, to me. We bought it, we should be able to do anything we want with it, considering there is no "contract" like you would have with the iphone.
Reply
hmlong said 6:56PM on 11-10-2009
"We bought it, we should be able to do anything we want with it..."
You bought the hardware, and if you want to drop it out of a window or bash it with a hammer then feel free.
The software that's downloaded to the hardware, however, is under a EULA and is not yours to do with as you will.
Aug said 5:08PM on 11-10-2009
I own 3 iPhones, 2 that are no longer on contract. How do I hand them on to friends and family? Wait for Apple to pull a thumb out? Or actually use an application that works and donate to the hacker that supplied the fix?
Well which one do you think is more reliable?
My money is always on the hacker! Also if I go abroad, am I supposed to pay a fortune to use my mobile? or hack it and buy a pay as you go SIM?
This is not only Apple's fault but also the mobile companies...
Reply
Scott R said 5:17PM on 11-10-2009
With regard to analytical skills, John Cox is only one step above Rob Enderle.
If you're not sure what that means... let's just say that it's not a compliment.
Reply