SSH my iPhone – or how I learned about security the hard way
If you haven’t heard by now, a kid started taking over jailbroken iPhones in the Netherlands. The exploit is really simple, but just goes to show why lots of jailbreakers have no idea what they are doing. The very first thing you should do, following the jailbreak install, is change all the passwords on your iPhone. By default, the root and mobile users both have the same password of “alpine”. The AppleTV has the same problem, once you hack it, but the username is “frontrow” which is also the password.
This is sort of the most basic thing that all iPhone jailbreakers should know. It’s like leaving your computer on auto login, or using the administrator account on a Windows machine with the password, well, “password”. Whenever I read about these sorts of exploits, I kind of feel like you get what you get. You don’t have to be security paranoid, but you should at least lock the front door. A computer is only as secure as the person who uses it, which is why phishing scams work so well.