Separate names with a comma.
Discussion in 'iPad Hacking' started by r3g3x, Feb 10, 2011.
Not sure if anyone read about this:
IPhone attack reveals passwords in six minutes - Computerworld
And the moral of the story boys and girls. ALWAYS change your SSH password from "alpine" to something more secure!
UPDATE - SEE POST BELOW. MY SUGGESTION ABOVE IS NO PROTECTION AGAINST THIS EXPLOIT (but is still good practice!)
One thing to note...these devices were not jail broken yet. The person who obtains the i device does the jailbreak to gain access.
Yes indeed. Well reminded. Does being jail broken and secured provide any additional protection to re-jail breaking with redsn0w and installing a package at boot time I wonder? I'm off to experiment...
What do u mean? Is ssh something automatically installed when u jailbreak? If so, how do i go about changing the password?
No, it is something that most power users choose to install after the jailbreak, usually via OpenSSH.
Here is a good article about the password issue and how to change it How to Secure your Jailbroken iPhone from SSH Hack | Redmond Pie
However, in relation to this story, the protection I suggested is wrong (but still good general practice). There is no protection from this exploit by changing the password. Redsn0w can be used to install a new bundle with whatever settings the user wants and therefore the only protection against this attack (as was clearly stated in the original article!) is to remotely wipe your iPad using mobileme, or another such service, as soon as you lose it...
This is one of the downsides of having a hardware bootrom exploit (limera1n) which cannot be patched.
Here's the link to d/l Mobilelterminal 511-1 for the iPad running 4.2.x