Following my experience earlier this year with the iKee worm (which can only infect jailbroken iPhones), I thought it’d be worth expounding upon the pros and cons of jailbreaking.
Why not to jailbreak
- A stock iPhone is amongst the more secure computing devices out there, due to its security model. To my knowledge there’s not yet been a single ‘proper’ virus for it, that is, one that exploits a programming flaw in order to execute its code (compare this to the Android OS, where there are already botnets of infected phones). This is not to say that there will never be such a virus (since of course jailbreaks exploit just such flaws!) but the likelihood is vanishingly small, given the hurdles it would need to overcome. Jailbroken iPhones, however, are more susceptible for three reasons:
  - Jailbreaking at a fundamental level means disabling the iPhone’s ‘only Apple-signed software can execute’ security model. This makes a jailbroken phone susceptible to viruses.
  - Due to reliance on that model, the passwords of the two user accounts (root and mobile) are common to all handsets and are well-known (‘alpine’ and ‘dottie’).
  - Most power users who jailbreak will install OpenSSH, which increases the attack surface of the device since it will also become vulnerable to SSH-based over-the-network attacks.
- You can safely upgrade to the very latest version of iOS with impunity and benefit from all the latest new features (limited only by whether the age of your iDevice might make it too sluggish).
- You will have no issues with support when you have a problem with your device. The alert Apple Genius will drop you like a hot potato if they notice your device is jailbroken.
Why to jailbreak
- The other side of the coin of point 1 above is that it seems unlikely that anyone would go to the trouble of writing a malicious virus (as distinct from the iKee-style mischievous experiment) in the knowledge that it could only infect jailbroken phones – the worldwide population of infectable devices is just too small for it to be worthwhile.
- Jailbreaks depend upon finding and exploiting one or more flaws in the stock iPhone hardware/firmware/software. Once the relevant exploit(s) are published (including when the jailbreak is released) all stock iPhones become susceptible to a virus written using that method. Since a patch for the flaw(s) is usually released in the jailbreak community following the jailbreak, for these identified and specific flaws a jailbroken iPhone is actually less susceptible to penetration than a stock one!
- The benefit most often talked about is the freedom to install whatever software you choose on a device that you bought and paid for. We own the device after all and therefore it should be entirely up to us what we do with it; we don’t need an Apple-nanny to choose for us!