Pusher: Your 2.2 jailbreak

In leu of the recent release of firmware 2.2, I think it is a good time to tell you what we were working on in the past 2.5 months. Today, a number of updates are being released, along with a completely new product that should simplify your use of the iPhone, expand a whole new world of possibilities without compromising security of your phone.

I’ll start from the beginning. You probably are all aware what jailbreak means, but I will reiterate just to make it clear. By default, each iPhone has two partitions: system one and user one. The system one is where the system files and system applications are stored. The user one holds your contacts, SMS, AppStore applications, music, videos and so on. Historically, for security purposes, the system partition was always in the “read-only” mode, to prevent malicious access and modification of the system files. Jailbreak process was created to facilitate the need of unlocking of the phone as initially it was only working with AT&T network, and user partition didn’t allow execution of programs – in a nutshell, it simply allowed the system partition to be writable – so one could add and run third-party applications on it.

Now, more than 1.5 years later, jailbreak has became a synonym of something “hackish”, and moreover, some Apple outlets are not servicing the jailbroken phones. Granted, jailbreak is needed to make certain tools work – such as BSD Subsystem, SSH, and some others, but overall nowadays (largely because of the tools mentioned) it actually makes your phone less secure! Why? Because it allows anyone to contact your iPhone via SSH with root (superuser) access and gain access to any file on it – this being your contacts, mail, photos, music and whatnot – and what’s worst, you will not even know it happened! SSH is a commonly known protocol, so almost anyone could get onto your phone as long as you’re in the same WiFi network. How? Two things: default installation uses the same root password, “alpine” (and 99% of the users never change it), and SSH actually advertises itself over Bonjour! So all someone has to do is open up a Bonjour-compatible SSH client (such as Terminal.app on Mac or almost any SFTP client), pick the iPhone they want, and start rocking!

I won’t argue that BSD and SSH are needed by some people who actually need BSD/SSH access on their iPhone – but let’s face it, this is mostly the über-geeks. About the only use for SSH for a casual user is an ability to upload files to the iPhone – and, since it’s not the only available method, I strongly believe the possible security risk is honestly not worth it.

So my point is simple – jailbreak is no longer needed in its “traditional” form for most people. This is why we have developed a tool that does something else… and it’s absolutely amazing. Here’s what it does: it puts some tools (including our own Installer) onto the user partition of the phone without opening the system partition up! You get Installer, a whole world of third-party tools that didn’t got into the AppStore for some reason, such as Kate, Qik, Snapture, and dozens of others, all that without compromising your security!

The tool is named Pusher (mostly because it pushes some things onto the iPhone, and because we found the allusion funny). It works for both 2G and 3G phones running 2.0.2, 2.1 and 2.2 firmwares. Simply download it, launch and follow the instructions on-screen – the whole process takes about 3 minutes.

To make your life even sweeter, we went ahead and added a few things for free that we thought might be useful – an alternative system font, an ability to set your SpringBoard background, two alternative Cyrillic keyboards, and a few other extras that might become useful. The Mac OS X version is available for download immediately, with a Microsoft Windows one following shortly after.

Of course, because Pusher’s process of installing tools onto your user partition leaves the system one locked, some tools will not install – to name a few, that’s BSD Subsystem, SSH Server, and maybe some more. But the majority of apps will just work – so you can get the best of both worlds – AppStore and Installer.

You can download Pusher at its homepage – give it a try.

Also a new thing for today is Installer 4.0b10. Other than stability improvements, we have embedded a scripting language named Lua that is used in such applications as Adobe Lightroom and World of Warcraft. Lua makes it possible to write more sophisticated install scripts and we’re taking full use of it for our updated products.

Oh, and we are also releasing updates to Kate and Russian Project to make them 2.2-compatible.

Stay tuned for more updates and news!