Chapter 13. Jailbreak Detection

Throughout this book, you’ve seen a number of ways an attacker can manipulate and hijack applications, many of which rely on either jailbreaking the device or taking advantage of a runtime code injection vulnerability, such as those exploited in many 0-day attacks. There are a number of ways your application may end up on a jailbroken phone. Often, employees themselves will jailbreak their devices to install third-party software on them, exposing your enterprise application to additional threats. Corporate policy and Apple MDM (Mobile Device Management) can only go so far to manage employees’ actions, and in fact many of the restrictions imposed on devices through MDM can be disabled on a jailbroken device. It’s also possible that your application may have been on a device that was stolen and later jailbroken in an attempt to steal data or gain unauthorized access to an online resource. Finally, malicious spyware or other code may have been injected into the device, leaving no visible signs of jailbreaking but quietly harvesting data in the background. By detecting whether a device has been jailbroken, you’ll add an extra layer of policy enforcement and risk assessment that protects the data within your application from being exposed.

The checks that follow are important to run in order to detect when an end user has compromised their own device for any reason, or to detect whether an intruder has compromised a stolen device. When a device ...
