LightBlog
Contact at mumbai.academics@gmail.com or 8097636691/9323040215
Responsive Ads Here

Sunday, 5 August 2018

Mobile Security - Apple iOS

Mobile Security - Apple iOS


iOS is Apple mobile's operating system established for its iPhones. It maintains and sustains other Apple devices such as iPod Touch, iPad, and Apple TV. Using the Mac OS X, the iOS operating system is fabricated.
The user interface is based on the concept of direct manipulation, using multi-touch gestures. This has many other options and features using which daily work becomes easy and this can be updated on your iPhone, iPad, or iPod Touch using Wi-Fi and other wireless networks.
iOS

Jailbreaking iOS

Jailbreaking is taking control of the iOS operating system that is used on Apple devices, in simple words the symmetry of Rooting in Android devices. It removes the device from the dependencies on exclusive Apple source applications and allows the user to use third-party apps unavailable at the official app store.
It is accomplished by installing a modified set of kernel patches that allows you to run third-party applications not signed by the OS vendor. It is used to add more functionality to standard Apple gadgets. It can also provide root access to the operating system and permits download of third-party applications, themes, extensions, etc. This removes sandbox restrictions, which enables malicious apps to access restricted mobile resources and information.
Jailbreaking, like rooting, also has some security risks to your device −
  • Voids your phone's warranty
  • Poor performance
  • Bricking the device
  • Malware infection

Types of Jailbreaking

When the device starts booting, it loads Apple's own iOS, and to install apps from third parties, the device must then be broken and have the kernel patched each time it is turned on. There are three types of jailbreaking methods used.

iBoot Exploit

An iBoot jailbreak allows the file system and iboot level access. This type of exploit can be semi-tethered if the device has a new boot-rom. This is mostly used to reduce low-level iOS controls. This exploit method takes the help of the hole in the iBoot to delink the code signing appliance and then the customer can download the required applications. Using this method, the users configure the mobile to accept custom firmware and probably jailbreak more.

Userland Exploit

A userland jailbreak allows user-level access but doesn't allow iboot-level access. This type of exploit cannot be tethered as it cannot have recovery mode loops. These can be patched by Apple. The userland exploits use a loophole in the system application to gain control of that application. The exploit can only give control to the filesystem. This type of exploit can access non-vital code in the application and is user friendly and platform independent.

Bootrom Exploit

A bootrom jailbreak can break all the low-level authentications such as providing filesystem, iBoot, and NOR access (custom boot logos). This process finds a hole in the application to discard the signature checks. It can't be corrected by Apple. A bootrom jailbreak allows user-level access and iBoot-level access. These cannot be patched by Apple.

Jailbreaking Techniques

There are two types of Jailbreaking techniques.

Untethered Jailbreaking

Untethered jailbreak is a technique of rebooting the mobile device without connecting it to the system every time it is booted. If the battery of the device is spoiled, after changing it boots as usual. Tools for this are PwnageTool, Greenpois0n, Sn0wbreeze, and Limera1n.

Tethered Jailbreaking

If the device starts backing up on its own, it will no longer have a patched kernel, and it may get stuck in a partially started state. In order for it to start completely and with a patched kernel, it essentially must be "re-jailbroken" with a computer (using the "boot tethered" feature of a jailbreaking tool) each time it is turned on.

App Platform for Jailbroken Devices: Cydia

Cydia is a jailbreaking device which can be downloaded from https://cydia.saurik.com/. It helps iOS users to install other third party applications. Cydia has different extensions, themes, features, and customizations.
It is a graphical front-end to Advanced Packaging Tool (APT) with the dpkg package management system, which means that the packages available in Cydia are provided by a decentralized system of repositories (also called sources) that list these packages.
App Platform

Jailbreaking Tools

Some other jailbreaking tools are as follows −

Pangu

Team Pangu consists of several senior security researchers and focuses on mobile security research. It is known for the multiple releases of jailbreak tools for iOS 7 and iOS 8 in 2014.Team Pangu proactively shares knowledge with the community and presents the latest research at well-known security conferences including BlackHat, CanSecWest, and Ruxcon. It can be downloaded from http://en.pangu.io/
Pangu

Redsn0w

Redsn0w can be downloaded from http://blog.iphone-dev.org/ and it runs on different firmware versions.
Redsn0w

evasi0n7 and GeekSn0w

evasi0n7 as a jailbreaking tool is compatible with all iPhone, iPod touch, iPad and iPad mini models running iOS 7.0 through 7.0.6 (Devices that have been updated Over The Air [OTA] should be restored with iTunes first). Its official webpage is http://evasi0n.com/
evasi0n7
GeekSn0w is a popular iOS 7.1.2 jailbreak utility that's built upon winocm's opensn0w project and Geohot's limera1n exploit. GeekSn0w can jailbreak all iPhone 4 models on Apple's latest public firmware, iOS 7.1.2. Its official webpage is http://geeksn0w.it/
GeekSn0w

Sn0wbreeze and PwnageTool

Sn0wBreeze is a jailbreaking tool that has existed since the iOS 3 firmware generation and has continued to be maintained by its developer iH8Sn0w. Its official webpage is http://www.ih8sn0w.com/
Sn0wbreeze
PwnageTool can be downloaded from http://blog.iphone-dev.org/ and it runs on different firmware versions.
Pwnage

Limera1n and Blackra1n

Limera1n can be downloaded from http://limera1n.com/
Limera1n
Blackra1n is geohot's iPhone jailbreak solution. It can be downloaded from http://blackra1n.com/
Blackra1n