The internet is abuzz with news of several iCloud accounts being hacked recently, wherein nearly 220,000 accounts were allegedly exposed to potential compromise. Although avid jailbreakers would be aware of the inherited risks involved with iOS jailbreaking, not many would seem to know of potential ways to protect their device from external threats.
Nevertheless, folks at iDownloadBlog have shared some effective ways to safeguard jailbroken devices by reinforcing the security mechanism built into the devices via a few simple tips and tricks.
Say no to piracy
As has been the case with pirated jailbreak tools such as Pangu, that often carry shady apps and tweaks as bundled packages, jailbreakers should exercise caution with standalone apps and tweaks, although they are available for free.
Some of the most common risks involved with the pirated tools and apps are listed below:
- Developers of pirated repos and apps often get paid by advertisers, since they generate traffic for them
- Hackers could hide away malware inside some of these repackaged apps with the intent of stealing credentials and selling them off to the highest bidder
- Infect your device with ad-hijacking Trojans or in worst case hijack the user control itself
Change Root password and avoid installing OpenSSH
It's always a good practice to avoid installing advanced jailbreak features such as OpenSSH, which could compromise security on your iPhone, especially if you are not aware of the consequences associated with using such tools. Besides, you should always change the Root password of your iOS device to enhance security, especially after jailbreaking it.
Enable Two-Factor Authentication
Enabling Two-Factor Authentication (2FA) is the primary step to protect your device with an additional level of security, which goes beyond authorising your login with user ID and password. For instance, your iPhone could be used as a 2FA agent to reauthorise your login credentials, with an authorisation key sent to your iPhone to complete the login successfully.
Avoid installing shady jailbreak tweaks
A malicious tweak could be inadvertently installed through third-party tools like iFile or via command line, even without using an infected repo. So, users need to exercise caution while downloading jailbreak tweaks with file download managers like iFile and be wary of imitations and fake apps that are often responsible for malicious attacks.
Avoid installing untrusted and unknown repos
Avoiding third-party, untrustworthy repos will further reduce the risk of compromising your device to external threats. It is recommended to stick to standard Cydia integrated repos such as ModMyi and BigBoss to minimise potential risk with malware and other security risks, which often arise through questionable repos like Unflod, KeyRaider and AppBuyer.
However, you could always trust some popular third-party repos such as Ryan Petrich's beta repo.
Data Miners and Trojans on Cydia repos
Beware of data miners and Trojans floating around with reputable sources such as Cydia's BigBoss or ModMyi or even the popular Apple Store by filtering out what you want to download and ensure that you scan every file that you download with any robust anti-malware and anti-virus software, before installing the same.