iPhone/iPod Touch 1.1.1 Jailbreak Complete, Security Ramifications [Update]

Engadget's Ryan Block has confirmed that a beta test of the latest jailbreak method for the 1.1.1 firmware of the iPhone and iPod touch works.

The current method uses a vulnerability in 1.1.1's mobile Safari to gain root access to the device. Currently, this is the only method available to jailbreak an already upgraded iPhone or iPod Touch, as previous methods relied on firmware 1.0.2 still being available.

While the developers are using the Safari vulnerability for somewhat benevolent purposes, it does raise a potential security issue for users. The vulnerability lies in mobile Safari's handling of TIFF images, where viewing a malformed TIFF image allows root access to the device.

While the jailbreak is now complete from all angles, it still does not mean that the methods are ready for adoption by general users. We will consider it ready when Installer.app (or equivalent) is updated for the latest firmware.

Update: The jailbreak has been released but no step-by-step tutorial is yet available.

Ongoing iPhone coverage at macrumors.com/iPhone

Related Forum: iPhone