As reported by zdnet a new security hole has been revealed in Facebook’s native mobile applications running on jailbroken or rooted devices. This loop hole allows hackers to steal personal information of its users. This security hole effects both Android and iOS smartphones as discovered by Gareth Wright a developer. This problem arises due to the fact that Facebook is not encrypting the login credentials instead storing them in a plain text file and therefore it can be accessible on jailbroken devices. If your smart phone is not jailbroken you don’t need to worry about this vulnerability since Google and Apple restrict access to the filesystem of their smartphones by default therefore hackers can not exploit this vulnerability and steal personal information from you.
Below is the official statement from Facebook on the matter:
Facebook’s iOS and Android applications are only intended for use with the manufacture provided operating system, and access tokens are only vulnerable if they have modified their mobile OS (i.e. jailbroken iOS or modded Android) or have granted a malicious actor access to the physical device. We develop and test our application on an unmodified version of mobile operating systems and rely on the native protections as a foundation for development, deployment and security, all of which is compromised on a jailbroken device. As Apple states, ‘unauthorized modification of iOS could allow hackers to steal personal information … or introduce malware or viruses.’ To protect themselves we recommend all users abstain from modifying their mobile OS to prevent any application instability or security issues.
It is to be noted that Facebook doesn’t use authentication tokens for storing your login information since it is not a good idea because there would be a need to store a key on your device to decrypt. Therefore the viable solution seems to force users to login every time they launch the Facebook application although this is also not a favored solution.
Posted in App Reviews, jailbrake, Jailbreak, Jailbreak News Tagged with: Facebook Vulnerability Discovered, Jailbroken iOS Devices, Rooted Android Devices
Immediately after the release of iOS 5.1 there were claims that it has been jailbroken for A5 devices i.e. iPad 2, iPhone 4S and iPad3, or is very close to be jailbroken by three different sources, i0n1c, chpwn and p0sixninja but unfortunately we were unable to get iOS 5.1 untethered jailbreak till today and none was released for public, the only available jailbreak is RedSn0w 0.9.10b6 ios 5.1 jailbreak, which is tethered and not compatible with all devices. Latest news came from Pod2G of Chronic dev team that they are at work on a new jailbreak and it may take weeks.I thought to update you so that you are aware that there is some work going on for iOS 5.1 untethered jailbreak below are the tweets from pod2g.
Posted in jailbrake, Jailbreak, Jailbreak News Tagged with: 5.1 ipad 3 jailbreak, i0n1c jailbreak ipad 3, ios 5.1 jailbreak software, ios 5.1 untethered jailbreak, ipad 3 5.1 jailbreak untethered, ipad 3 i0n1c jailbreak untethered, ipad 3 jailbreak, jailbreak 5.1 ios ipad 3, RedSn0w 0.9.10b6 ios 5.1 jailbreak