Recently a dutch hacker found a way to access users iphones, getting in via open ssh, and locking their devices with a message displayed on their screens telling them to pay $5 by paypal in order to get back use of their device. The hacker has since had a change of heart, and has refunded some people, and sent instructions out to others to show them how to unlock their devices. Never the less, its been done, and could be done again!
If you are jailbroken and have ssh installed on your iphone, then you need to up your security. Most users dont even change the password from 'alpine', remember you're sharing this password with possibly thousands of hackers, when you hear it like that it, doesn't make sense not to does it?
Simple things can help, like having sbsettings or bossprefs installed from Cydia, that way you can toggle ssh off easily whenever not in use, if its not switched on, nobody can get access into your device. As stated above, I would also recommend changing your passwords for your ssh client, to do this follow these instructions ;
1. Open Cydia and select ;
Search / Type in and install ;
mobile terminal
2. Respring your device
3. Open mobile terminal app
4. Type in and enter the following ;
passwd
alpine
your new password ( This must be 5 characters minimum )
your new password
su root
alpine
passwd
your new password ( This must be 5 characters minimum )
your new password
NOTE ;
This changes the mobile and root password, in that order, so the next time you open winscp you will need to enter the new password. The two passwords can be the same, or different if you choose.
5. Exit mobile terminal
Its that easy! And with people recently getting hacked and blackmailed through ssh, its definately worth doing!
No comments:
Post a Comment