The SSL flaw that 7.1 patches is the most likely vector for the most popular IOS jail-brake to gain Root access. Updating to 7.1 (un-patched), will most likely only un-jail-brake your phone. Otherwise, 7.1 means no updates to the OS that runs Cycadia's Apps, and a h-u-g-e hole in a jail-broken phone's security -- that there is very little possibility of ever getting fixed.
There are several things prepare for:
- A fully forked, pirated version IOS.
- Moving to Android
- The continuing game of cat and mouse with jailbrakers.
Those are listed in order, least-likely at top.
With the SSL patch breaking jail-brake, it is clear that was either the vector of attack for Root access, or a method used to impersonate an un-broken phone. It was a crazy, crazy idea that led to the discovery of that particular SSL vulnerability, and that’s a strange place to have to go looking if what you’re looking for is Root access to the phone. We don't know why 7.1 brakes the jail-brake. We may not get a straight answer, or it may have come out while I was writing this. You never know with the programmers. But one thing is clear: With code that tight, I don't know how many more people, with enough skill and time there are left. I don't know if we'll find find a way back in to IOS after this, and that means getting further and further away from new hardware. The jail-broken phone and the Programmer could finally be out of options.
Apple has not been forgiving with those who haven't accepted Cycadia's fate. The users who continue to jail-brake their phones and the programmers who continue to provide the service, suffer at the whim of Apple's ever more secure code. Now, another incremental update fixes a very nasty security issue and IOS is kryptonite to the jail-broken again.
Apple's Security is a few lines of code from being as secure as it’ll ever be. The App Store is just a breath away from being the only place to get apps for IOS and OS X. Soon, some people will be free to run around in the hedge maze unattended while some will be booted and the door locked behind them. One way in, one way out -- of a hedge maze. Sounds like a fire hazard to me.
That full, pirated, IOS as an option. We saw how well that worked with OS X. And now Apple has the experience to go after a pirated IOS in ways that look like magic. Any result the community would see from that uphill slog is a buggy beta right before their phones are excommunicated from the cell network ad infinitum. I don’t think there’d be a single part of that project surviving anywhere. No where on the Internet. Not even as an idea scribbled on a bar napkin would survive.
Android. What can I say? Cyanogen seems to be doing some pretty big things. It’s not a fair comparison, really. Cyanogen is building a powerful open source User Interface while continuing to encourage a more open ecosystem. They need to maintain Root access not just for the apps, but for the entire OS. Could the carriers and handset makers band together to to create an OS fork that is hardened against Root access? Yes. But it's a desperate move, a final +9000 Kamehameha that's likely to miss. And miss big. Bad security implementation could tear the entire Android phone business apart from the inside.
Hopefully before then, those behind the open source movement will have fought the battle in court. Hopefully by then the legal system will realize that leased or purchased, that phone is mine. And mine means Root access.
Apple's security is getting tight. If that SSL vulnerability was the jail-brake vector, this could be the final nail in the coffin of IOS jail-braking. And without Apple's UI, what is Cycadia but just an App Store?