Words MEAN things, Puget... THIS SPECIFIC VULNERABILITY CANNOT IMPACT iOS... UNLESS YOU CAN SHOW ME ADOBE FLASH AND ADOBE ACROBAT READER APPS FOR iOS THEN YOU ARE LYING. There is no current jail breaking by the use of PDF. That exploit was CLOSED four weeks ago.
How can I be sure I always can Jailbreak in the future!Firstly, don't update past 4.0.1, the last firmware JailbreakMe supports. Secondly, and arguable most importantly, allow Cydia to "make your life easier". This will allow you to always restore back to the latest firmware available when you select that option.—Jailbreakme.com as of today, September 16, 2010
So, one month AFTER the release of iOS 4.0.2, closing the JailbreakMe.com vulnerability, JailbreakMe.com states that their software WILL NOT WORK on any firmware after iOS 4.0.1... which shoots down your claim "cracked within ONE DAY of release" If you are referring to the Geekinside.uk.com report of iOS 4.1 being cracked on September 9th.. they published a semi-retraction saying :
"Dev-Team members say there is still work to be done to fine-tune the exploit technique and that would-be jailbreakers are best served by forgoing the update to 4.1 for now. The admonition comes after they called iOS 4.1 a trap designed to prevent future jailbreaking and unlocks."—Geekinside.uk.com
Finally, I have never said that an ACE cannot work on an iOS... I have said that they will not work on OSX... because the data stacks are NON-EXECUTABLE memory and that buffer overflows in those areas cannot be executed. I have numerous times stated, including in this thread, that the iOS devices are NOT similarly protected at this time. YOU KEEP IGNORING THAT STATEMENT BY ME and claiming I have made the sweeping statement that all Apple products, inclusive, are somehow covered by my statements about OSX. Nothing is further from the truth. That is another one of your STRAW MAN arguments... you've done it in this very discussion. I've made it explicit that the Non-Executable protection that prevents ACE from being a problem in data buffer overflows in Macs DOES NOT EXTEND to the iOS devices... but you keep arguing that point and calling me a LIAR for something I never said. Just because I did not write an entire treatise on everything about the issue, covering every possible permutation of possibility, you apparently believe that gives you carte blanche to call me a liar for not doing so. Give it a rest.
Yes, they do. You made a BLANKET STATEMENT that ACEs are not a problem for iOS.
THIS SPECIFIC VULNERABILITY CANNOT IMPACT iOS... UNLESS YOU CAN SHOW ME ADOBE FLASH AND ADOBE ACROBAT READER APPS FOR iOS THEN YOU ARE LYING.
BS. I'm not the one that made the QUOTED BLANKET STATEMENT.
There is no current jail breaking by the use of PDF. That exploit was CLOSED four weeks ago.
But there were, and it was an Arbitrary Code Execution exploit, right? In bone-stock Apple code only.
Can you admit that an arbitrary code execution exploit was used to completely root a phone with no interaction from the customer other than going to a website? That an ACE exploit can totally root your OS?
Can you, Sword?
Finally, I have never said that an ACE cannot work on an iOS..
And here you are, lying about your lie. I give you this:
In the case of OSX and iOS, PDFs are usually read by native, non-Adobe, routines built into the OS... so they are not at risk either.
We've seen them for iOS, and that we've seen that the native routines were susceptible when Adobe's routines were not. ACE exploits allow ownership of iOS. There are undoubtedly many more, not being used right now (that you know of...) as there is a history of ACEs in PDF readers written by Adobe. Can you admit that?
Oh, and your little statement about it not being possible to attack OSX this way? Sorry, you're wrong, it's happened in the past. And there are many, many more ACE exploits that will compromise OSX, per Apple's own statements about those holes.
And it will definitely happen again in the future. Only a shill of the highest order would deny any type of attack or hole in an OS.
And what's with copying a bunch of other people on your failed defenses? Is it because you're hoping someone else will bail you out?