CI Commentary – Does Jailbreaking an iPhone Pose a Security Risk to Mobile Users?

by on Feb 13, 2012

jailbreakDan Gualtieri is the Web Production Specialist at Corporate Insight and part of the Mobile Monitor team.
 
Apple’s iPhone is the most popular smartphone on the market today and there is no shortage of owners who have chosen to bypass the smartphone’s standard software by “jailbreaking” their device.  Jailbreaking an iPhone gives users access to an entirely separate app store, allowing them to download apps that are not sanctioned by Apple. 

While having access to a larger selection of apps is nice, is it safe to perform mobile banking and other information-sensitive activities on a jailbroken iPhone?
 
Most Common Risk
The key question facing users of jailbroken iPhones is one which is universally shared by computer users – is the software I’m downloading trustworthy?  Anything in the Apple App store has been approved and is reliable; not much gets passed the folks over at Apple.  However, when users can freely install unapproved software, the potential for downloading a virus increases significantly. As a safeguard, users should search the internet for reviews to make sure the app has been safely downloaded (more downloads the better) and that other users haven’t encountered any issues with the app.
 
Advanced Risk
Jailbreaking does not pose an inherent danger to users unless an SSH program is installed on the iPhone.  An SSH (Secure Shell, or Secure Shell Interface) allows users to modify their iPhone’s system files.  These files are what allow the iPhone to run apps, display themes, access the internet, etc.  If the default SSH password is not changed, hackers can log into the SSH platform and install a worm like “Duh” which aims to steal banking information from iPhone users.  Preventing this from happening is simple – if an SSH is installed, the default password needs to be changed.
 
Final Thoughts
Yes, there is some risk involved in operating a jailbroken iPhone.  However, the risks are similar to performing online banking and other sensitive tasks on your personal computer. The best advice we can give the average user of a jailbroken iPhone is to treat unapproved apps with the same diligence you would treat any program that you download off the internet.