Jailbreaking : Security risks and moving past them

Jailbreaking

Rooting or jailbreaking is the process of bypassing the internal protections of a smart device to gain complete control of the operating system, but risks device security. The only difference between these two terms is that while rooting applies to Android devices, jailbreaking deals with iOS devices. So, while rooting an Android device means circumventing the security restrictions set in place by Google, jailbreaking an iOS device means bypassing the limitations imposed by Apple. But because of the ‘Walled Garden’ approach used by Apple, the jailbreaking process involves tearing down these ‘wall’s or ‘jail’ before trying to attain root access. It is often achieved by discovering and exploiting a bug present in the operating system. Rooting gives the user administrative controls, allowing the user to even completely replace the OS if one so desired. Jailbreaking doesn’t grant admin privileges but still allows users more access to their device with the help of complementary softwares called tweaks.

Everything good comes with a price.

And the price of gaining root access is the ensuing security vulnerability. Let’s take a look around jailbreaking and how to keep iOS devices safe.

Why do people jailbreak their devices?

The allure of jailbreaking comes from the user being granted complete control over their devices, which could be reflected in :

• App installation – Apple being adamant on security, only allows those applications which pass their stringent security checks to be a part of the app store. Only the applications from the app store can be installed on an iOS device. Jailbreaking allows users to install third-party applications.
• Pre-installed app uninstallation – Some applications come pre-installed, which are mostly never even used by the majority of the users but are not allowed to be uninstalled. Root permission enables the users to uninstall these adamant applications.

• Change carriers – Apple isn’t exactly open to changing the default network carriers. So, to unlock or change the network or to temporarily switch to a different carrier, jailbeaking could come in handy.
• Controls – People also often jailbreak their devices because they hate being told what they can and can’t do.

• Customization – Apple likes to ensure a quality user experience for all of its users. And they go about it by making sure that everybody uses their standard features without leaving much room for personalization. Gaining root access gives users a chance to change all that.

Some options for customization available on jailbroken devices :

• Better web browsing: Web browsers on iPhone are Safari in a different wrapper, and Safari on iPad is much better than Safari on iPhone. The jailbreak tweaks allow introducing the additional features Safari hosts in iPad to iPhones.
• Less intrusive phone calls: By default, the incoming call interface takes up the entire page. With add-ons from jailbreaking, banner like incoming call interfaces can be configured.
• Guest Mode: When lending your iOS device to someone, Mac-inspired Guest Mode could be enabled to ensure privacy with appropriate tweaks for it.
• Improved theft protection: GPS alerts and photographs of the thief could be sent directly to the user’s account in the event of theft, thanks to a few handy tweaks.
• A proper file browser: Extracting iPhone’s root file system more than makes up for Apple’s file app is a little on the lower side when it comes to robustness.
• Location spoofing: Jailbreaking tweaks can be used to spoof the location, enabling access to Weather information from different parts of the world to play location-based games.
• Power features: iPhone is restricted from accessing certain features by Apple or the manufacturers of third-party applications. It is possible to port additional features from iPad and even transcend the restrictions from app manufacturers with the right add-ons.
• Intelligent device security: Jailbreak tweaks can be used to bypass security features like authentication when in a secure place like home.
• Endless interface customization: The main reason is the limitless opportunity for customization. People who do not like the look and feel of an out-of-the-box iPhone can tweak it to fit in with their personal preferences.

Is it safe?

Although jailbreaking introduces the user to a world of delightful possibilities, it often risks endangering the device security at large. Users gain access to the kernel by manipulating a tiny flaw in the otherwise stable OS. This makes the OS a little less stable. This need not readily cause troubles, but the possibility of future mishaps is always a distinct possibility. The jailbreaking process in itself poses the threat of rendering the device useless or a future app installation driving it around that curve.

According to Nick DePetrillo, a principal security researcher at Trail of Bits,

Jailbreaking your iPhone is running untrusted third-party exploit code on your phone that disables security features of your iPhone in order to give you the ability to customize your phone and add applications that Apple doesn’t approve.

The general risks involved in jailbreaking are :

• The loss of warranty from the device manufacturers.
• Inability to update software until a jailbroken version becomes available.
• Increased security vulnerabilities.
• Decreased battery life
• Increased volatility of the device.
• In-built features behaving differently than expected.
• Risk of malware infiltration.
• A greater risk from hackers owing to the difference in the OS from non-jailbroken devices.
• Unreliable data connections, dropped calls, and inaccurate or delayed location data.
• It might brick the device.

Does it compromise the data security?

In a standard iOS device, the installed applications are just as limited as the users, if not more. An application is limited to accessing its own data and cannot access data from other applications. This is called the sandbox architecture, as the applications are forced to work within their own sandbox. But when the device is jailbroken, all walls are felled. This means that inter-application data acquisition becomes easier and definitely, not desired. The most significant security breach, after all, occurs during this transaction. With the lowered security walls around the device in general and the ability to install any application, the user could easily be gullied into installing malware inflicted applications that would reach out and acquire sensitive data from the device.
‘Keyraider,’ a malware that was responsible for stealing over 225,000 Apple IDs while exclusively targeting jailbroken devices, is an excellent example of the security risks involved in jailbreaking.

How does jailbreaking reflect on corporates?

An attacker with physical access to a device can exploit an endless number of possibilities to extract information. They can use specials tools or software to extract sensitive information from the device memory after plugging it into a computer. In android phones, if a backup is enabled, application data can be extracted from a backup using ADB or Android Debug Bridge. However, if root privileges are enabled, data can be extracted even if the backup is disabled. In the case of jailbroken iOS devices, it is not uncommon for users to not change the default root SSH credentials from ‘alpine’. This makes it easier for an attacker to copy application data to a computer via an SSH. The threat is more prominent in a corporate environment where multiple employees know the device password.

Why is jailbreaking a headache for the IT department?

When an employee jailbreaks their device, they essentially put the organization at risk. Often, malicious agents exploit the hidden backdoors introduced by jailbreaking to access or reset the root password. The root password would, in turn, give unimpeded control of the device to hackers. Thus, any data stored in said device, including stored passwords, business contacts, access to the microphone and camera, and the data that resides in the company app, becomes readily accessible to the broken-in party. When a rooted or jailbroken device is connected to the company network, attackers can explore the network at leisure from the vantage point of the rooted device. Hence, accessing company data or connecting to the company network from a root accessed device could compromise the company’s data. Thus it is of utmost importance to make sure that this scenario does not occur. After all, jailbreaking does open up the device to more security vulnerabilities.

Managing jailbroken devices

All things considered, it comes as no surprise that the jailbroken devices are completely undesirable in a work environment and that the IT department is forced to take measures to ensure the same. Going through a list of every employee in an enterprise and ensuring that their device does not permit root access would be a tiresome job. MDM solutions having a jailbreak detection feature in their arsenal makes this tedious task much easier for the IT department.

When enrolled in an MDM, jailbroken devices work pretty much the same way standard devices would save for the jailbreak detection feature. The Hexnode MDM marks a device as non-compliant when an enrolled device is jailbroken or rooted. If the notification for device compliance has been enabled from the admin tab, the admin is notified as soon as a non-compliance issue arises. A compliance check could, among other things, point out the devices with root access, and necessary actions could be undertaken. In the worst-case scenario, the IT admin could wipe the device and thereby annul the jailbreak. In short, an enterprise could easily entrust the responsibility of keeping their iOS devices safe with an adept management solution.

Not only that, an MDM solution could be used to customize corporate devices in bulk without ever risking security vulnerabilities. Applications from the App store, as well as those developed by the enterprise, can be installed directly. Unnecessary system apps could be removed, and further removal of apps could be restricted, and even the home-screen app layout could be adequately customized with a management software. Device features which might pose a threat to the company data could also be individually blocked or restricted without affecting other functionalities.