I feel like jailbreaking has become one of those things where the public goes, “Jailbreaking? That makes your phone insecure. Why would anyone want to do that?” And while this post won’t necessarily be about it, it does have some negative connotations.
As someone who used to be on top of the jailbreak scene, in fact it’s how I got into the whole blogging ordeal, I feel like whats happened with the most recent jailbreak release needs to be addressed. For those unaware of what I’m talking about, read the Reddit post here.
Essentially, there were some users whose various accounts were compromised after applying the iOS 9.3.3 jailbreak tool by Pangu. The specific accounts that were compromised were PayPal, Credit and Debit cards, and Facebook accounts.
Before readers sound off in the comments regarding it being developed by Chinese developers, Jay Freeman, better known as Saurik or the owner of the Cydia Store, says he entrusts the Pangu team. Though, with the Chinese version of the tool (which most probably used due to the English version coming out several days), Saurik has some skepticism.
I will also say I trust Pangu a lot… but I don’t know if the Chinese version of their app was only touched by them.
Even with the English version of the jailbreak, it should be taken with some thought. While Saurik has tried to make everything locally and implemented with his signatures, it’s still being downloaded via the 25PP servers.
though you are downloading it from 25PP, which opens some issues: do you trust the employees at 25PP with control over their servers?
With the iOS 9.3.3 jailbreak specifically, Pangu uses a certificate exploit by using iOS 9’s side-loading mechanism to get into the device. This means everyone who wants to jailbreak their device must get their apps signed through Cydia Impactor before using the Pangu tool to install the tool onto their device.
Is Pangu at fault here? No. The takeaway I want people to grasp is that you should download the tool directly from their direct sources and not from anyone else, even if you may trust that source.
More than anything, these “breaches” in account information are a fluke. Unfortunately, these things happen quite often and it just so happens that a jailbreak came out this week.
So, in the end, should you jailbreak? If you want to. I’m not trying to persuade, just throwing out information. I haven’t jailbroken since iOS 8, mostly because Apple has made their operating systems so feature rich in the last few years.
For the few reasons I would want to jailbreak, it’s not worth my time and effort. But for those who want that extra customization, do it. Jailbreaking is an amazing thing if you find a use for it.
As for me, the reasons why I used to jailbreak (quick reply, dark mode, nested folders, 3G Unrestrictor, f.lux), have either been baked into iOS, or isn’t enough of a reasoning for me to do it. If I had a secondary device, I would jailbreak it for sure. But not on my daily driver.
I feel like this has been said plenty of times, but if you are going to jailbreak your device, use trusted sources and stay away from shady repos.