IT IS AN IMPORTANT & SERIOUS NOTE!!!
i would said iPhone is borned to be an Always On-Fly MultiMedia Device, not just a simple smart phone, nor a simple PDA!!
U Lose Lot of FUN if Your iPhone doesn't attach on the Internet!
However, once you attach it on the Internet, you have to think about "Security"!
Therefore, i would like to discuss about the Security of "JailBroken" iPhone b4 we go to "Alternative Way Install Software in your iPhone"!
You may challenge me, What a contradiction! You "JailBroken" it & desire to Secure it!?
Ok! OK! Stop argue on this never-end matter of Security vs Fun~~
Anyway, we have to think about how to enhance security level of Default "JailBroken" iPhone. I am sure that none feel good if your info. or your photos are leak or be grabbed into the Internet and become "Next Mr. E", right?
First. Two terms you need to know,
1. "Default" = World know
2. "OpenSSH" = Remote access available to your iPhone (more info about OpenSSH)
After you "JailBroken" your iPhone by ZiPhone, OpenSSH is default installed!
That's mean once you connect your iPhone to Internet, "Every Good/Bad Boys are Welcome!" o___0
Moreover, a default password of every firmware ver. is already listed on the Internet!! o___O" (G__gle to default password)
Someone would suggest Why not just uninstall the OpenSSH! Then, none can access your iPhone!
Yes, you are right and you may do so.
But, i am afraid no iPhone owner will follow your idea, because it will lead iPhone not available to install some software alternatively via SFTP (a Secure FTP)!!
Then, what should we do?
My Suggestion:
Level 1. Disable OpenSSH when you are not using it
Level 2. Change Password (But, CAN'T WORK in straightforward way!!)
Level 1: Disable OpenSSH
You can install some utilities to enable or disable OpenSSH
1. "Ulctl" from Source Ste Packaging, simple and quick! (Check in Tay's iPhone 2nd Note)
2. "BossPrefs" from Source Big Boss, [I currently used] (Check in Tay's iPhone 2nd Note)
3. "iNetServices" from Source "iSapzio"
Level 2: Change Password (But, NEVER USE "PASSWD"!!)
CAUTION! Please pay HIGH ATENTION on following steps AND, TAKE YOUR OWN RISK! Otherwise, your iPhone will stuck in continuous Edit Home Screen Loop!!!
The ONLY way to FIX it is RESTORE YOUR iPhone! IF you not fully understand, just don't do it!! (Although, I recommend everyone should do this step!)
CAUTION AGAIN! Never Use 'PASSWD', your iPhone stuck in continuous Edit Home Screen Loop!!! What A NIGHTMARE
The ONLY way to FIX it is RESTORE YOUR iPhone!
If you have some knowledge of using Unix or Linux, whereas, you know nowadays "Red Furit" OS built on "Unix Kernel", then a straightforward way is using passwd to change your password via SSH! (Use Putty for Win or Just use Terminal for MAC, yes, that's what i thought TOO! I thought i was Smart TOO!!)
If you do so (I DID Twice!!!!), you will in a BIG BIG TROUBLE! NEED TO RESTORE YOUR iPhone (YES, I am in TROUBLE Twice!! How Smart I AM! WHAT A NIGHTMARE!!!)!!
Once Again! NEVER USE "PASSWD" to Change your iPhone's Password
Here is the Steps that Change your Password by Edit and Replace iPhone's master password file
Password File is Located at: /private/etc/master.pwd (in firmware 1.1.4)
1. I generate your new password by Mac OS X's Terminal by following command, you can use other mean
openssl passwd -crypt -salt /s 12345678
(** Where 12345678 is your new password, BUT NOT LESS THAN 6 Characters and NO MORE THAN 8 Characters)
you will get a new encrypted password /sXYZxyzXYZxy <= encrypted password
2. Bakup your Master Password File to your Computer by downloading it via SFTP [PC (WinSCP) /MAC (CyberDuck)]
3. Edit iPhone Master Password w/ new password in 2 lines
#10: root:/sXYZxyzXYZxy:0:0::0:0:System Administrator:/var/root:/bin/sh
#10: mobile:/sXYZxyzXYZxy:501:501::0:0:Mobile User:/var/mobile:/bin/sh
4. Replace (uploading) new Master Password file back to your iPhone
More info:
http://www.macosxhints.com/article.php?story=20080224231344798
Anyway, hope every iPhone user "play safe" before start playing your iPhone~
Next Note will start playing iPhone!! Yeah!
Start from 2006 ...
沒有留言:
發佈留言