See more...

iSSLFix Tweak: Patch SSL Vulnerability on iOS 4.3.3 Jailbroken iPhone, iPad or iPod Touch [Recommended]

There is no doubt that one of the best things that happened to the world of jailbreaking is when famed developer Comex released Jailbreak 3.0 to the eager public. First, it has provided the jailbreak community with an easy as pie, no-nonsense method of jailbreaking their iOS devices. And second, JailbreakMe 3.0 is currently the only jailbreak solution for those who owns an iPad 2 which was proven to be quite difficult to jailbreak.

JailbreakMe 3.0
JailbreakMe 3.0 uses a PDF exploit that's found within Mobile Safari, so in order to patch that vulnerability, Comex also released PDF Patcher 2. Apple was also made aware of this critical security flaw so they were quick to release an update for iOS 4, which is the iOS 4.3.4. And after that, a few weeks after, they rolled out another firmware update in the form of iOS 4.3.5 which addressed another security issue which is an SSL vulnerability known as "CVE-2011-0228".

So if you happen to be running iOS 4.3.4 and below, you are essentially still at risk due to SSL vulnerability. If you want updated security for your iPhone, iPad or iPod touch then you will have to upgrade to iOS 4.3.5. The problem is if you're sporting an untethered solution, upgrading to 4.3.5 means that you will lose your untethered jailbreak and will have to settle with a tethered one. This is because there are no untethered solutions past iOS 4.3.3.

For some people the difference between tethered and untethered jailbreak is non-debatable. Having a tethered jailbreak is simply inconvenient because you will need to plug your device to a computer each time your device loses power or reboots. Understandably, many will stick to untethered jailbreak despite being outdated firmware-wise.
iSSLfix Cydia
Luckily as always, the jailbreak community has your back. There is now a new jailbreak tweak that will provide your device with the same security level that iOS 4.3.5 can give without having to upgrade. The name of the tweak is iSSLfix and is available through Cydia under the BigBoss repository. But first you will need to toggle your file view settings to Expert in order to see the fix in case you are currently under Simple. You can do this by tapping Manage below Cydia, then Packages. At the top right portion of the screen you should see a Simple button, tap that in order to change it to Expert. Just search for the iSSLfix, install and have that peace of mind because your device is now fully secured.

As with all tweaks coming from Cydia, you will need to have a jailbroken iPhone, iPad or iPod touch before you can install iSSLfix. If you want to untether jailbreak iOS 4.3.3 on your device then just pick a jailbreak tool from the following: Redsn0w, Sn0wbreeze, PwnageTool and JailbreakMe 3.0 (highly recommended for beginners). If you are under the latest firmware iOS 4.3.5, then you can use Redsn0w for a tethered jailbreak.

Another alternative method is you can download the DEB file of iSSLfix and SSH it into your iPhone, iPad or iPod touch.

Contact Us for News Tips, Corrections and Feedback

Related posts

Leave a message...

    shadowneko0035 years, 2 months ago

    Ok, just to let people know. I installed the fix and it broke my unlock. However, just re install ultrashow and reboot, and you’ll have your unlock again.

    Zain5 years, 2 months ago

    Thanks for the patch. I jailbreak my iPhone 4 few days back. Is it necessary to install this patch after isntalling PDF Patcher ?

      Pramod5 years, 2 months ago

      Yes, it is necessary because the PDF patcher patches only an exploit that was used by JBMe3 to jailbreak your iDevice, but iSSLFix patches a security vulnerability that exists within all iOS versions prior to iOS 4.3.5 without the need to actually update to iOS 4.3.5 & loose your jailbreak.