5 months to get iOS 6.1, now 3 iOS updates in the 1 month AFTER evasi0n is released... coincidence??

[talkin73]

So Apple took their sweet 5 months of time to get a single update for iOS6 out to users. Since evasi0n dropped, they are now on their 3rd update in less than 1 months time (6.1.1 for the 4S, 6.1.2 for all comers, 6.1.3 for all comers). Are they trying to patch the evasi0n loophole in the code in a discreet way? I would assume they could have patched it with 6.1.1 or 6.1.2 but maybe they don't actually know how and are just trying several things to see if it works? Or, am I just considering a total conspiracy theory (Tom Clancy haters of the world unite!) that has absolutely no legitimacy behind it ? Thoughts???

 

[MrszBerry]

Re: 5 months to get iOS 6.1

This is what I was thinking also

 

[John Yester]

Re: 5 months to get iOS 6.1

IMO 3 updates to fix issues that had nothing to do with JB.... But there is tons of conspiracies in this world right??

 

[talkin73]

Re: 5 months to get iOS 6.1

IMO 3 updates to fix issues that had nothing to do with JB.... But there is tons of conspiracies in this world right??

I wouldn't expect Apple to announce they were patching a JB intentionally. That would seemingly piss of a vocal minority of users and since jailbreaking has been deemed NOT illegal by the government, deliberately blocking it or patching it could be construed negatively or potentially cause problems, no? I would expect that a subtle method of addressing something that is a potential problem for Apple and carriers (jailbreaking) would be to slip in a fix, quietly and with no fanfare, into an iOS update that is reportedly about totally unrelated fixes for "cellular connectivity" issues and the like... things all of us should be happy to have fixed, right!!!??? In other words, a deliberate attempt on Apple's part would, IMO, occur in what would be described as merely a benign update process to the end users.

 

[John Yester]

Re: 5 months to get iOS 6.1

Which goes back to the saying if it ain't broke don't mess with it. Some choose not to update and some do..

Being mine is a work device I don't want any loop holes which is how the JB works....

Jailbreaking your device eliminates security layers designed to protect your personal information and your iOS device. With this security removed from your iOS device, hackers may steal your personal information, damage your device, attack your network, or introduce malware, spyware or viruses.


I don't understand why people feel Apple is out to get them patching JB on iOS releases.... It's a security issue....

 

[BLiNK]

Re: 5 months to get iOS 6.1

honestly, we'll never REALLY know what Apple's intentions are

http://forums.imore.com/jailbreaking-unlocking-hacks-themes-mods/223304-my-conspiracy-theory.html

 

[3cit]

A major release takes a lot of time! (ie ios5 to ios6) however the single point releases are more for fixes as opposed to updates to the system.
I imagine that apple could have blocked the jailbreak at any point in time, they may have deemed this particular jb as less of a security threat due to its complexity, therefore, they aren't as concerned about it. But 6.1.3 is just around the corner!
For example, when jailbreakme.com was released it probed a HUGE security flaw! You could end up with unsigned code on your device simply by visiting a website! That is a true security issue, so they released a fix for that within a few weeks I believe.
This jailbreak requires multiple points of access, meaning the security flaw is not as dangerous. While the act of being jailbroken does reduce your security, it only does so because you can pit things on it your not supposed to, and you can open it up to others (ssh).

 

[John Yester]

Which is still a security issue......

 

[3cit]

But, not a security flaw for average apple user. Nobody is "accidentally" falling prey to this particular security flaw

 

[talkin73]

Which is still a security issue......

I assume you are calling it a security issue because one can't verify the intentions or security of JB applications from Cydia, for instance? In that way, I would agree. The simple act of jailbreaking the device, in my limited understanding doesn't actually introduce vulnerabilities but, rather, uses existing vulnerabilities to actual create a jailbroken "state" on the device. Can someone correct me if this novice understanding is inaccurate?

In response to your earlier comment, I don't think Apple is "out to get me" even if they patched an OS release which resulted in closing a JB vulnerability. if I were Apple or a non-jailbroken user, I'd appreciate it and it would make perfect sense. I was mostly curious to get other people's perspectives and stir up some fun speculation. Also, to know if others had info that might help me put into perspective where a company like Apple might be coming from... but 3 OS updates in a one month period is, AFAIK, unprecedented for Apple. I started with OS 2 on a 3G but have no recollection of updates coming out this quickly... just made me wonder outloud.

 

[kch50428]

You're "complaining" that Apple pushed out updates to correct significant issues?? If they hadn't would you be complaining about that too?? I'm fairly certain Apple knows exactly what the vulnerability is that is being exploited by evasi0n... they're choosing not to plug it... Yet... might they with 6.1.3? Or wait to 6.2?? Time will tell.

All this conspiracy theory stuff makes me want to buy aluminum futures... or stock in black helio paint manufacturers.

 

[BLiNK]

All this conspiracy theory stuff makes me want to buy aluminum futures... or stock in black helio paint manufacturers.

 

[talkin73]

You're "complaining" that Apple pushed out updates to correct significant issues?? If they hadn't would you be complaining about that too?? I'm fairly certain Apple knows exactly what the vulnerability is that is being exploited by evasi0n... they're choosing not to plug it... Yet... might they with 6.1.3? Or wait to 6.2?? Time will tell.

All this conspiracy theory stuff makes me want to buy aluminum futures... or stock in black helio paint manufacturers.

I'm curious where in my posts on this thread you see language that even remotely suggests a "complaining" about the updates. The title of the thread and tone of every comment has been speculation and curiosity. Your tone, however, sounds unfriendly and sends a message that speculation and asking of questions is not something that you welcome. Good to know.

 

[Garz]

If Apples concern right now was to plug the JB, it would have already been done. Not saying 6.1.3 won't but 3 updates has absolutely nothing to do with evasion.

 

[Tanbam]

A jailbreakable phone is a huge security hole. Apple has to fix the problem, which means that they must plug the holes that allow the jailbreak in the first place.

Right now, EVERY iOS device that is able to be jailbroken by evasi0n is at risk. If someone has their corporate iOS device lost or stolen, it is trivial for someone to plug it into a computer and jailbreak it giving them access to every file on it. Sure, a jailbroken phone may potentially be even more unsecure due to any applications installed through Cydia (like SSH without changing the password) than a non-jailbroken phone, but right now, ALL of them are completely unsecure. Until Apple plugs the holes, the OS is 100% insecure for anybody who can have physical access to the device.

That being said, I feel that the benefits of having a jailbroken phone outweigh the potential security risk. Most corporate customers do not feel the same way...

 

[natasftw]

You do realize Apple has a rather large supply of iPhones available to them?

With this large supply, they can install their most updated, unreleased, iOS version. After doing so, they can run the evasion tool on it to see if the loopholes still work.

No, they're not releasing updates to see if they randomly fix jailbreak exploits. They actually test for that in logical ways

 

[natasftw]

A jailbreakable phone is a huge security hole. Apple has to fix the problem, which means that they must plug the holes that allow the jailbreak in the first place.

Right now, EVERY iOS device that is able to be jailbroken by evasi0n is at risk. If someone has their corporate iOS device lost or stolen, it is trivial for someone to plug it into a computer and jailbreak it giving them access to every file on it. Sure, a jailbroken phone may potentially be even more unsecure due to any applications installed through Cydia (like SSH without changing the password) than a non-jailbroken phone, but right now, ALL of them are completely unsecure. Until Apple plugs the holes, the OS is 100% insecure for anybody who can have physical access to the device.

That being said, I feel that the benefits of having a jailbroken phone outweigh the potential security risk. Most corporate customers do not feel the same way...

If the phone is locked, it screws with the jailbreak. To get around the lock, a full restore is required. Anyone that can get around that can do so without the need for a jailbreak. If it wasn't locked, it was already trivial for anyone to scan through the phone to find every document on it. As it wasn't jailbroken, it didn't have access to other ways to put files onto the phone.

Any corporate customers that feel the jailbreak being available makes THEIR phones more insecure are speaking for a position of ignorance.

 

[talkin73]

You do realize Apple has a rather large supply of iPhones available to them?

With this large supply, they can install their most updated, unreleased, iOS version. After doing so, they can run the evasion tool on it to see if the loopholes still work.

No, they're not releasing updates to see if they randomly fix jailbreak exploits. They actually test for that in logical ways

Good to know Apple has a large supply of iPhones so thanks for that tip Your last sentence is at the heart of my overall question... how do you know what Apple does? I mean that sincerely, not being a wise-arse... how do you, personally, know what is happening at Apple and what they are or are not able to "test for... in logical ways"? What I think I'm reading is a lot of opinions, which is fine. Opinions are freely shared on a forum like this and I think we all (hopefully ) understand that is part and parcel for the forum experience. However, some folks seem to have a belief in how things work or what is "real" when, in fact, it is nothing more than their opinion... it might seem to "make sense" or be "logical" to the person with that belief, but it is still grounded in no facts or data whatsoever. Moreover, saying an opinion loudly and/or confidently still doesn't make it a fact So, I still remain curious as to whether or not Apple can easily figure out what is being used by evasi0n (which, if I understand correctly is different than most previous jailbreaks because it uses multiple exploits instead of a single exploit) and patch all of that with little fanfare... this is still about me learning, not "complaining" about Apple's updates and not naivet? about what Apple does or doesn't do. If someone has credible facts, I would truly like to know.

 

[kch50428]

Do you think Apple's programmers and engineers are too stupid to download evasi0n - and reverse engineer it?

 

[talkin73]

A major release takes a lot of time! (ie ios5 to ios6) however the single point releases are more for fixes as opposed to updates to the system.
I imagine that apple could have blocked the jailbreak at any point in time, they may have deemed this particular jb as less of a security threat due to its complexity, therefore, they aren't as concerned about it. But 6.1.3 is just around the corner!
For example, when jailbreakme.com was released it probed a HUGE security flaw! You could end up with unsigned code on your device simply by visiting a website! That is a true security issue, so they released a fix for that within a few weeks I believe.
This jailbreak requires multiple points of access, meaning the security flaw is not as dangerous. While the act of being jailbroken does reduce your security, it only does so because you can pit things on it your not supposed to, and you can open it up to others (ssh).

While I have no idea what Apple's intentions are, this perspective makes more sense to me than anything else offered thus far... single, simple security flaw equals potentially significant problems... multiple, complex security flaws that must be used simultaneously equals much less concerning.