Jailbreaking Apple’s iOS and rooting Android’s mobile operating systems achieve effectively the same thing: privilege escalation. The motivation and detail between the two is, however, hugely different.
The overwhelming motivations for jailbreaking an iOS device are operating system (OS) and application modifications, and ‘sideways loading’ (the process of installing apps from outside of the vendor’s official sources). Because both functions are largely allowed by Android vendors and explicitly disallowed by Apple, there is stronger incentive to jailbreak iOS, but little to root Android. In either case, the process is probably legal in Europe, likely illegal in Canada, but definitely legal in the US – provided, of course, you are jailbreaking your own device.
Jailbreakers: A Profile
Jailbreakers are often colored as irresponsible script kiddies who want to run pirated apps and videos on their devices. This characterization is far from accurate.
There are two camps, explains Austin Evans, who runs the State of Jailbreak website. There are “people – typically kids in my experience – who jailbreak to pirate App Store applications; and then there are the power users”. The power users, he says, “want to get the most out of their iPhone/iPad with tweaks to improve usability and themes to customize the look”.
This echoes the view of Cydia developer, Jay Freeman (‘saurik’). Cydia is the de facto source of apps and modifications for jailbroken iDevices. Cydia is “not an alternative App Store”, says Saurik, “it’s an alternative to apps”. This takes the view that Apple’s iOS is little more than a system for running other people’s approved apps on a device capable of, but restricted from, doing very much more. In this vision, jailbreakers are power users who simply want to maximize the value of some very expensive hardware they have paid for. Far from being reckless, they tend to be very responsible users.
There is one further reason to jailbreak. “If your phone is locked to a single carrier,” points out independent security researcher Robin Wood, “then you have to jailbreak it as part of the unlocking process to get access to all networks”. This applies to both iOS and Android – but whereas jailbreaking is legal in the US, it has recently become illegal to unlock a device there.
Security
The most frequent argument used to deter jailbreaking is ‘security’. Ninety-five percent of mobile malware attacks Google’s open Android platform; most of the rest is shared among the other mobile operating systems; and only a very tiny number of successful attacks against iOS have ever been recorded. The reason for this is the very tight control Apple maintains over the iOS, and the apps it allows to run. Basically, only what Apple permits is allowed to run on iOS devices, while others cannot – and that applies to malware just as much as unapproved apps.
However, if users break into the system and employ it in an undefended manner, then criminals can also break into it. A jailbroken iDevice is, by definition, not as secure as an unbroken one. Evans, however, suggests that this is a theoretical argument rather than a practical reality. He points out that the user is usually the weakest link regardless of platform, suggesting that a responsible jailbroken power user is just as secure as an unbroken irresponsible user. There have been few cases of malware even on jailbroken iPhones, and sometimes jailbreakers have led the way in security.
“For example”, he explains, “a major security bug was found in 2011 which could allow an attacker to get full access to an iOS device just by viewing a PDF in Mobile Safari”. But it was a jailbreak developer who created the widely used JailbreakMe method, “and a patch was made available to jailbroken devices well before Apple had an official fix available”. The irony is that this jailbreak is now the only way to protect older iPhones, no longer supported by Apple. Jailbreaking older versions of the iPhone and iPod and installing the patch, adds Austin, “is the only way to make them secure against this vulnerability”.
Third-party Security for Jailbreakers
In the early days of computing, there was very little third-party security; the security that existed was largely ‘geeks’ sharing information freely among themselves. Over the last twenty years this has changed, and there is a large and growing security industry that arguably competes with itself more than it shares information – although the anti-virus industry, in particular, may contest this ‘sharing’ view.
This applies almost everywhere except Apple’s iOS. Because the kernel is so tightly locked, the security industry cannot get into it and provide meaningful security. Of course, neither can the hackers – so the end result is not painful to the user. The exception is jailbreakers, who lose Apple’s built-in security and are unlikely to be offered any by the security industry.
There are several reasons for the industry to abandon jailbreakers. First, it simply mirrors Apple’s official view: “It is also important to note that unauthorized modification of iOS is a violation of the iOS end-user software license agreement and because of this, Apple may deny service for an iPhone, iPad, or iPod Touch that has installed any unauthorized software”.
Second, although there are millions of jailbreakers, this is a tiny number compared to the market the security industry currently supports in the PC realm – and mobile users tend not to spend money on security products.
"Prevent jailbreaking at all costs, and prevent these devices from accessing your environment" |
Lawrence Pingree, Gartner |
This leaves open the idea that maybe the security industry – whose business function is to provide security, and many of whom already provide free consumer versions of their software – should perhaps offer security for jailbreakers. This is universally rejected by the industry. It’s not viable, says security researcher David Emm of Kaspersky Labs: “different jailbreaks would require specific support”.
Graham Cluley, a technology consultant with security firm Sophos, also points to commercial viability, whether that be the size of the market or brand awareness (Sophos already provides a free consumer product for Apple OS/X users for just that brand awareness).
David Harley, a senior research fellow at security firm ESET, actually believes that there is a moral imperative for the security industry not to support jailbreakers. He is of the view that since at least one of the reasons for jailbreaking is to make copyright infringement easier, supporting jailbreakers could in some way be seen as supporting illegal activity. More practically, however, he believes that such an approach might isolate Apple itself.
“Alienating Apple”, he suggests, “could actually have a direct negative impact on consumers in the OS/X space. Apple and vendors with a product in that space do cooperate. Less dialogue would not benefit the community.” So supporting iOS jailbreakers could simultaneously harm OS/X users, and hand competitive advantage to other vendors who do not support them.
It may be, then, that the jailbreaking community will need to revert to the early days of security – a community of ‘geeks’ sharing security information among the group, and from which entirely new security companies operating under a new business model could emerge.
The Business Angle
So far we have seen that jailbreakers who fall into the category of serious power users are probably less of a threat to themselves, their fellow jailbreakers and copyright integrity than is commonly perceived. Nevertheless, the jailbreaker has been abandoned by both Apple and the security industry; and the final question is whether this group should also be abandoned by the enterprise and excluded from organizational bring your own device (BYOD) policies.
It is not as simple a question as it might first appear: the easy answer is to never allow a jailbroken device to attach to the company network simply because it is inherently less secure than an unbroken device. One of the driving forces behind the BYOD revolution, however, has been a response to employee pressure, not least the ability to attract and retain the highest-quality workforce – in other words, the very power users who are more likely to jailbreak.
Jailbreaking has gotten a bad name nevertheless, to some extent because of Apple’s attitude toward the practice. Regardless, there are far fewer threats to jailbroken iPhones than there are to unrooted Androids – and many companies will reluctantly accept Android while rejecting jailbroken iDevices. The argument could be made that a responsible jailbreaker is far more secure than an irresponsible Android user; so in one sense it is irrational to simply reject all jailbreak connections.
Yet, can a business take such a risk? Probably not. Although there are software products that can detect whether an attached iDevice is jailbroken or not, there is no software that can detect whether an iDevice user is trustworthy – he or she could just as easily be one of Austin Evans’ ‘kids’ as they are one of his power users.
The advantage of Apple’s walled garden is that it ‘vets’ everything that can run on the device. “With a jailbreak”, comments Robin Wood, “your system is fully exposed to each application you run on it. That means that you have to be much more careful with what you do, and do your own vetting before using things. Most people”, he added, “don’t vet – they just blindly trust, so they could easily get themselves into trouble”.
The security admin, then, simply has to assume that the worst could and probably will happen, and plan accordingly. As Gartner analyst Lawrence Pingree put it at last summer’s Gartner Security and Risk Management Summit: “Prevent jailbreaking at all costs, and prevent these devices from accessing your environment.” Sadly, this is not because jailbroken devices are dangerous, but because they might be.