1. Scatabrain's Avatar
    Hello all,
    On my rooted droid I was prompted to allow an app root privileges when the app tried to gain root level access. This gave me some control allowing me to limit root access to a few trusted apps - like app data backups.

    Realized today that a backup app could read and backup my apps but had never asked me for root permission.

    Does this not also mean that any JB app can do the same?

    On android it came out that google and some banking apps stored sensitive account info unencrypted because they didn't consider that people would gain root access. Presumably the same dumb ars crew made the banking app for iOS as well.

    Is this a concern for anyone on JB iOS?

    What suggestions does anyone have to stay safe?
    03-09-2011 10:55 PM
  2. Ipheuria's Avatar
    There's a thread about changing your root and mobile password you could start there. I think with all the smart people in the JB scene we would rely on them to find and publicise any rogue JB apps. Just like you depend on Apple or Google to police the official apps, it's the nature of computing. Unless you are smart enough to monitor it yourself there is never absolute protection from it.
    03-10-2011 07:37 AM
  3. Scatabrain's Avatar
    Good tip. Did that right after rooting.
    03-10-2011 08:01 AM
  4. Ipheuria's Avatar
    Yeah as soon as I installed OpenSSH mine were changed from the default.
    03-10-2011 09:18 AM
  5. telkins#IM's Avatar
    I cant find terminal in Cydia. So how can you change your root password?
    03-10-2011 05:59 PM
  6. Scatabrain's Avatar
    You have to get open ssh and do it remotely. I posted this on another thread just the other day. You want to then remove open ssh if you don't need it.
    03-10-2011 09:42 PM
  7. Scatabrain's Avatar
    Here is the post. My post is at the end.

    http://forum.tipb.com/showthread.php?t=181671
    03-10-2011 11:05 PM
LINK TO POST COPIED TO CLIPBOARD