Posted on 05-02-2014 09:05 AM
Sensitive and already open discussion on many occasions, but I think essential to really manage the deployment of iPhones in a commercial society and the associated business risks.
Since the removal of the detection jailbreak detection in iOS API's, there's no 100% sure way to detect jailbreak iDevices.
One possible way would be to push an application on iDevices (as does Airwatch) in addition to Self Service, but that does not comply with Apple’s instructions for MDM systems...
I just realize after performing a jailbreak an iPhone (iOS 6.1.4) that the JSS Built-in Certificate Authority did not install correctly and wasn’t present. I was able to reproduce this all time I’ve tried to enroll this particular device.
Does someone noticed that too on other jailbreak iDevices? I don’t know whether this is a problem with the jailbreak or the iOS version?
If confirmed by others, it would be a possible detection way?
Thank you for your feedback !
Posted on 05-02-2014 10:25 AM
You might be able to just see if an application is installed (Cydia)
Posted on 05-02-2014 12:35 PM
Thanks, but Cydia is not appearing in my JSS app list unfortunately (not really sure it is even an app...).
I was wondering if I could try pushing an unsigned app to the iDevice through the Self Service in-house apps, but XCode does not allow to create an unsigned app package... If the app installs itself, it would mean that the device is jailbreak.
If somebody knows a way to write an app and get an unsigned package (in a safe way...)?
Posted on 05-04-2014 09:21 PM
The app identifier for a Cydia should be com.saurik.Cydia (or close to that)
See if it can find that
Posted on 05-04-2014 11:35 PM
Unfortunately nothing related to cydia in the application list. Would have been too simple ;-)
Posted on 05-04-2014 11:37 PM
I think the Cydia app lives outside the iDevices app folder; which is why it's not showing.
Posted on 05-05-2014 05:28 AM
we've gone rounds with our MDM provider and Apple over jailbreak detection. It was something that was offered in the past, but it was so unreliable that it was removed. Sadly, there's no real way to detect it.
Posted on 05-05-2014 08:04 AM
Just wondering if the missing certificate could be a possible solution as it is the only difference I could notice between a jailbreak and not jailbreak iPhone in JSS... If somebody got an iOS 7.x jailbreak iPhone/iPad and check if the JSS Built-in Certificate Authority is missing?