How to I protect my jailbroken iPhone/iPod Touch/iPad?

People always say, "Jailbreaking can cause security problems." That might be true, but in some instances, you just need to jailbreak it.

How can I protect my iPhone and my data when it is jailbroken? Is there an app (through Cydia), that allows me to modify anything, or is there no easy application that does this? I'm pretty sure jailbreaking just removes the part of the OS that only allows you to download apps from the App Store. You think you would be able to modify that file/part of the system and allow it access to Cydia or whatever, and then somehow create a secure network and screen apps for viruses or whatever.


On a general level, I'd personally secure a jailbroken phone by re-enabling the code signing restrictions of iOS, ensure sandbox requirements are upheld and turn off all remote access. Furthermore, disabling all root accounts and choosing secure passwords for all remaining accounts that your specific jailbreak process creates or modifies would be prudent.

Apple has teams of people to police third party apps, set up sandboxes, audit security, etc… When you jailbreak, you take responsibility for all of those activities which carries a large technical burden to know what to check in the first place and then how to secure things.

At some point, this exercise becomes a bit metaphysical - Do you trust Apple to engineer and watch the device? Do you trust yourself to be up on securing unix systems (Practical Unix and Internet Security, 3rd Edition is a fabulous book)? Do you trust the jailbreak to document what changes it has made and allow you the control over security you desire?

There are clearly times when a jailbroken phone (in the hands of a knowledgable operator) can be more secure than Apple's current iOS if it patches a vulnerability that you need to have closed now and not when Apple patches it - but for most, sticking as close to Apple's configuration as possible is the best plan from a security stance.


Update: I found this:

One thing you can do it change the root password of your iPhone to prevent viruses from getting in with the common password.


Aside from changing you default passwords if you install openssh, don't install from shady repositories. Thats the only real risk I can see. Some people may try to call whatever exploit was used to allow jailbreaking a 'security issue', but often with each jailbreak there is a package you can install that closes said hole.