You’ve probably heard that jailbreaking makes your devices less secure. In a sense that’s true. Jailbreaking disables or circumvents a number of key security features including the ‘sandboxing’ that keeps applications from accessing unauthorized files outside their own directory. On the other hand, jailbreakers have been ahead of the curve in terms of security in other areas: notably, Comex released a PDF Patcher that protected jailbroken iPhones from the same web-based vulnerability that made JailbreakMe v3.0 possible in the first place, over a week before Apple could released a fix.
Aside from the potential for malware, there are other security issues to keep in mind. As showcased by Bitdefender’s Clueful, even apps approved by Apple can read your address book, track your location, use your UDID as a fingerprint, and send your sensitive data unencrypted over WiFi. (It doesn’t matter how secure your phone is if someone can just ‘listen in’ on the message.) Luckily there are Cydia tweaks that can protect your phone and your information:
#5 TSProtector P — $1.39
TSProtector has potential, but we need a tweak that can help us keep tabs on jailbreak utilities too.
TSProtector alerts you whenever an app attempts to access system files. Unfortunately tsProtetor currently only applies to App Store apps–usually apps attempting to detect a jailbreak–so in practice it’s currently a pricey version of xCon. There is also a free version called tsProtector PFB that’s missing logging features. If TSProtector expands to restrict certain directories from jailbreak apps, it could become one of the most useful security tweaks in Cydia.
#4 iCleaner — Free
Want the most heavy duty utility for cleaning up partially downloaded Cydia files, obsolete app caches, cookies, and your browsing history? iCleaner is a MobileTerminal utility that can get rid of potentially sensitive information you didn’t even know is on your device, and save you a ton of data on your iPhone in the process, iPad, or iPod Touch. When I tried this app out in April, it found over 300MB of junk data, while other users were able to clear over a gigabyte. That’s equivalent to 20 albums from iTunes.
#3 iCaughtU — Free
Though you can use Apple’s “Find My iPhone” service to locate your iPhone, iPad, or iPod Touch, it can’t show you who has your phone. iCaughtU is a free Cydia tweak that snaps a picture from the front camera whenever someone enters an incorrect password, and sends the picture to your Gmail account. It may not guarantee your phone gets returned to you, but a photograph can help police track thieves, even if they wise up and turn the power off.
#2 Protect My Privacy — Free
iOS 6 officially introduced the ability to restrict apps from accessing your contacts, but we’re still waiting on that untethered jailbreak. For those of us stuck with iOS 5.1.1 and earlier, there is an even better option. At your discretion, Protect My Privacy can scramble music and contacts’ names, spoof your device’s UDID to a random identifier, and even present a fake GPS location on selected apps. (These apps can still read your rough location from your IP Address, so you can’t use this tweak to access a different country’s Netflix catalog; I’ve tried.)
#1 Firewall IP — $4.49
Sure, it’s an ugly app, but it gets the job done.
Blocking an app from reading your contacts list is one thing; blocking an app from unwanted connections to the internet? That’s the holy grail of security tweaks. Firewall IP will send you an alert whenever an app tries to connect with an outside server, which will tell you which app is trying to access what server, allowing you to accept or deny each connection. Firewall IP is so powerful it an even block ads.
A broken tweak that we wished still worked:
Stealth MAC–spoofs a randomized Mac address for your iOS device, which thwarts some of the nastier tracking methods. Compatibility’s been broken since iOS 3. Admittedly Stealth MAC is a wee-bit high on the tinfoil hat scale, but it could prevent ad networks and other groups from tracking you through your MAC address.