Jailbreak device detection

Sensitive and already open discussion on many occasions, but I think essential to really manage the deployment of iPhones in a commercial society and the associated business risks.

Since the removal of the detection jailbreak detection in iOS API's, there's no 100% sure way to detect jailbreak iDevices.

One possible way would be to push an application on iDevices (as does Airwatch) in addition to Self Service, but that does not comply with Apple’s instructions for MDM systems...

I just realize after performing a jailbreak an iPhone (iOS 6.1.4) that the JSS Built-in Certificate Authority did not install correctly and wasn’t present. I was able to reproduce this all time I’ve tried to enroll this particular device.

Does someone noticed that too on other jailbreak iDevices? I don’t know whether this is a problem with the jailbreak or the iOS version?

If confirmed by others, it would be a possible detection way?

Thank you for your feedback !

Page 1 / 1

You might be able to just see if an application is installed (Cydia)

Thanks, but Cydia is not appearing in my JSS app list unfortunately (not really sure it is even an app...).

I was wondering if I could try pushing an unsigned app to the iDevice through the Self Service in-house apps, but XCode does not allow to create an unsigned app package... If the app installs itself, it would mean that the device is jailbreak.

If somebody knows a way to write an app and get an unsigned package (in a safe way...)?

The app identifier for a Cydia should be com.saurik.Cydia (or close to that)

See if it can find that

Unfortunately nothing related to cydia in the application list. Would have been too simple ;-)

I think the Cydia app lives outside the iDevices app folder; which is why it's not showing.

we've gone rounds with our MDM provider and Apple over jailbreak detection. It was something that was offered in the past, but it was so unreliable that it was removed. Sadly, there's no real way to detect it.

http://www.scmagazineuk.com/why-ios-jailbreak-detection-is-a-fundamentally-flawed-security-process/article/303733/

Just wondering if the missing certificate could be a possible solution as it is the only difference I could notice between a jailbreak and not jailbreak iPhone in JSS... If somebody got an iOS 7.x jailbreak iPhone/iPad and check if the JSS Built-in Certificate Authority is missing?

Thanks.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded