Apple Removes Jailbreak Detection API

Apple has completely removed the jailbreak detection API from iOS, leaving 3rd party devs out in the cold when it comes to detecting ”compromised” devices. An API is a programming resource that developers can use to make use of certain operating system functions, such as accessing the camera, compass, etc. In this case, Apple created an API to detect if a device had been jailbroken, which companies could use to ensure their networks were only being used by secure devices.

Note: This is unrelated to Apple’s preventive jailbreak measures, this API only functions to detect a compromised device post-jailbreak.

It’s unclear why Apple chose to discard this API, but Joe Owen, the VP of Sybase, theorizes that Apple has simply stopped trying to keep up with hackers.

It’s an interesting concept – asking the OS to tell you if it has been compromised, because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised. [I]t may be feasible to detect jailbreaks of a specific version or type, but they will still be trapped in the cat and mouse game they play with jailbreakers. Whatever they add [in the OS] to detect the jailbreak, if it is to be queried from the iOS kernel, it must be accessible and have the ability to be changed. Meaning, if it is going to be a useful detection method it can also be circumvented. It is a fairly intractable problem to solve 100%.

This isn’t exactly a “win” for the jailbreaking community, since the API serves to protect innocent users from malicious ones. But, if the application truly needs to be ultra-secure, then companies can create their own method for detecting jailbroken devices.

[Network World]

Post a response / What do you think?