User Tag List

  1. juju22's Avatar

    I want to react to Charlie Miller assumption that jailbreaking lowers iphone security [1].
    As I'm not familiar with jailbreak and cydia internals (which is most probably, the most common reason to jailbreak), I am asking on the forum:

    Yes, jailbreak allow non-apple checked apps to be installed. that is a goal.

    Does cydia have security mecanisms ?
    * integrity: debian apt has hash signatures and can use pgp/gpg signatures on pristine debian. I don't known if it is available in Cydia apt and used.
    At best, a Cydia AppStore could have applications signed with an "editor" gpg signature.
    Standard apt provides way to control hash or gpg signature locally. At best, command need to be available to do so or upload database on a trusted computer where it could be compared to a previous one.
    I don't know if iphone with or w/o cydia has something like mtree which is pretty common on BSD. (similar to tripwire/aide)

    * confidentiality
    still mourning for an encrypted fs: filevault or/and truecrypt on iphone would really helps.
    Sadly, it's kernel stuff, so Cydia can't really help on this

    Else an important point would be using more non-root users. As desktop, we need to minimize the use of privileged users to avoid pitfalls encountered by old Windows and ensure separation of privileges.

    * Policy Manager
    i'm really looking for this kind of app, in default iphone and in Cydia.
    It seems firewall part starts to appear [2].
    What is a policy manager ?
    For me, it is the ability, either before-hand, either on demand, to say this application can access or not or need to ask each time it used some functionnalities.
    Functions are mainly: mobile phone network access, wifi network access, bluetooth, gps/localization services, run as root or alternative user (apple _mobile, _cydia, _thisapp), camera, audio, phone, contacts, calendar access

    any comments ? or some apps with this kind of feature ?


    [1] Security and Functionality: Why Not Jailbreak Your iPhone
    [2] Firewall app to hit Cydia store soon! | Digital Marketing Talk
    2009-11-01 01:15 PM