What are the risks of jailbreaking an iOS device?

Solution 1:

The absolute worst case scenario is you are forced to revert back to a non-jailbroken device and may lose content if you did not make the necessary backups. That is bar-none the worst case scenario. It is also of note that Apple will turn you away should you bring in a device that is jailbroken. They have a firm stance against the practice and state that it will void your warranty. Of course reinstalling iOS and removing the jailbreak corrects this matter. Additionally, upgrading to future iOS versions will remove the jailbreak (OTA updates in iOS 5 cannot be performed).

You cannot "brick" your device, rendering it inoperable, by using any jailbreak utilities. Repeat, you cannot "brick" your device any more than you can render a Mac inoperable by messing with OS X. A simple restore returns the device back to its original state. The ill-gotten rumor likely started due to the protection schemas in place that safeguard the mobile device from tampering (i.e., breaking Apple's closed system). Apple has set up a gauntlet a jailbreaker must bypass in order to open iOS. During those stages, problems may occur, leaving the phone in a state of "flux." This occurs when the device is left without a working operating system. In this state, it will not graciously look to iTunes for a fix, but rather sit in this state of limbo and require additional software to "bring it back to life." It is, however, always possible to restore it, and any coming forward to claim otherwise are only bringing to light their own ignorance and ineptitude at correcting the matter. I think an apt analogy would be to look at someone trying to jump start a car. It's possible to boost any car, but some may reverse the cables, or fail to clamp the negative to a proper ground. Sparks fly and the ECU shorts. Surely if the person knew what they were doing, they would have jump started the car without issue.

Jailbreaking itself does not pose an inherent risk. There have been cases where a jailbreak actually allowed the patching of a known security risk (jailbreakme.com first exploited this security hole and then subsequently provided means to repair it well before Apple stepped in to correct the matter upstream). These cases are, however, rare. Most of the time, a jailbreak relies on similar exploits to deliver itself (as is the case with iOS 5.0). So while the jailbreak is safe, it may force a user to remain on a compromised version of iOS and, unlike the initial PDF exploit that made jailbreakme.com possible, may not have the means to patch it.

The biggest threat is the expansion of capabilities made famous through Cydia. The most prolific is the installation of SSH (a secure file transfer protocol) without changing the two accounts on the device (root and mobile). They both share the same password (alpine) and without changing them, a mischievous hacker only needs to get the device's respective IP address. After which, they will have root access (full control). This, of course, is easy enough to overcome and will likely only affect the most ignorant of user bases. Surely you cannot claim a house is unsafe because the residents refuse to lock their door!

Lastly, the installation of apps through untrusted Cydia repositories may also be a cause for concern. Jailbreaking a device removes Apple's signature checks, so the device is only too happy to run most code thrown at it. While Apple stringently approves what code is given the authority to run on your device (and sandboxes all apps for that matter, greatly restricting their privileges) those checks are removed after the device is jailbroken. Moreover, those apps are no longer sandboxed like the ones found on Apple's App Store. It's possible that a user may come across malicious code, but no such cases have been made public. The jailbreaking community isn't bent on malicious intent, but rather freedom of choice. In that respect, they act as paladins, and anyone seeking to exploit their work would be brought to light before long.

The troubles affecting jailbreaking essentially revolve around ignorance and naivety. For an experienced and intelligent user, they bring no more risk to one's security than a "locked" device. And in some cases, may provide the ability to tighten one's security and privacy (typically made possible by developers that use Cydia to distribute their wares).

Note: Cydia itself is a reputable "store." The programs found within its walls are all safe and typically carry some level of professionalism. The problems arise when users register outside repositories (or repos) that carry untested, pirated, or questionable software. Jailbreaking also does not mean iOS is free to run "cracked" software found legitimately in the App Store. Those security measures remain intact even on a jailbroken device and must be circumvented separately, outside of the actual jailbreak. Many are confused by this duality and assume a jailbroken device can natively install pirated apps. That is not the case.
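The SSH point in the answer above (root and mobile shipping with one shared password) can be turned into a self-check. The script below is an added example, not from the answer or from any jailbreak tool: it reads a BSD-style master.passwd file (iOS keeps it at /etc/master.passwd, readable only as root) and reports whether the two accounts still share one password hash, which is the state a fresh jailbreak with OpenSSH installed is in. The sample file contents and the SAMEHASH/OTHERHASH values are constructed placeholders.

```shell
#!/bin/sh
# Audit helper for a jailbroken iOS device (added example, not the answer's code).
# master.passwd layout assumed: name:hash:uid:gid:class:change:expire:gecos:home:shell

# Print the password-hash field for one account from a master.passwd file.
hash_for() {  # $1 = account name, $2 = path to master.passwd
    awk -F: -v u="$1" '$1 == u { print $2; exit }' "$2"
}

# Exit status 0 when root and mobile still share a single hash, i.e. the
# out-of-the-box state described in the answer; 1 once they differ.
shared_password_hash() {  # $1 = path to master.passwd
    r=$(hash_for root "$1")
    m=$(hash_for mobile "$1")
    [ -n "$r" ] && [ "$r" = "$m" ]
}

# Human-readable report with the remediation the answer implies:
# set distinct passwords for both accounts (passwd root; passwd mobile).
report() {  # $1 = path to master.passwd
    if shared_password_hash "$1"; then
        echo "WARNING: root and mobile share one password hash; run 'passwd root' and 'passwd mobile'"
    else
        echo "OK: root and mobile have distinct password hashes"
    fi
}

# Stand-alone demonstration on constructed data (real path would be /etc/master.passwd).
demo=$(mktemp)
printf '%s\n' \
    'root:SAMEHASH:0:0::0:0:System Administrator:/var/root:/bin/sh' \
    'mobile:SAMEHASH:501:501::0:0:Mobile User:/var/mobile:/bin/sh' > "$demo"
report "$demo"
rm -f "$demo"
```

On the device itself, run `report /etc/master.passwd` from a root shell; the check only compares the two hash fields and never needs the plaintext password.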

Solution 2:

If you modify the OS, you might not be able to upgrade to an Apple iOS update as soon as it is released, and keep your non-stock modifications.

Some stock App store apps may refuse to run if they detect a modified OS.

There are certainly more ways with a jailbroken OS for you to crash or brick your device (and more ways for a rogue or buggy app to do so as well).

Your device may also have a different set of security vulnerabilities than a stock OS iOS device, which may or may not be as widely reported, and which Apple might or might not be patching.