So, I'm guessing many iOS device managers have contended with this one.
As we all know, jailbreaking is typically either a violation of AUP or at the very least bad security practice. In our organization, we have created a Smart Group called "Jailbreak Detected". Members of said group get a very heavy punishment profile on their device so they have to make themselves known to IT.
Anyway, I was hoping we'd never come into need to use this. Unfortunately, I have had two devices in the past month that Casper has reported a jailbreak and of course users don't really want to fess up to that on their district-owned devices. In the case of one iPad, I will have to prove to the parents that the jailbreak was performed.
I am submitting a feature request for JAMF to document what triggers a jailbreak detected status of "yes" OR if they don't wish to publicly document that, show in the JSS what triggered it.
I could see there being a button that a JSS Admin could click on right beside the Jailbreak Status showing explicitly what triggered that status.
I can't seem to find any of the usual triggers...Cydia, Installer, Icy, Installous, etc. I can't find the hidden log file that comes with a pangu attack...I can't seem to find evidence at all but the JSS is still showing it jailbroken.
Any ideas?
