Secure against your iPhone worm jailbroken
If your iPhone was recently “Rickrolled” by a worm that targets jailbroken iPhones, the following six steps will show you how to change the root password–used to connect to your device via a Unix software secure shell–to protect yourself in the future.
1. Tap the MobileTerminal icon to open a terminal window.
6. Enter the new password again and press return.
Before starting, you will need to have MobileTerminal installed from the Cydia store. Then:
Updated 11/11/09 at 5:27 p.m. PST: One commenter pointed out that the mobile user account, the default user on the iPhone, can access all your data and shares the same default password of alpine. You can change the mobile password by launching MobileTerminal and following steps 4 through 6 above.
The root password is now changed, and your jailbroken iPhone or iPod Touch is now a bit more secure than it was before and less vulnerable to the first worm detected that targets the iPhone.
5. Enter a new password and press return.
2. Enter su and press return.
3. Enter the current default root user password alpine and press return.
4. Type passwd and press return.
I followed these steps yesterday, and my phone’s had no service since. Is there any relation, and if so, how do I fix it? I had full service in my apartment until I did this.
It’s possible to ssh into an iPhone using the ‘mobile’ account as well as ‘root’, so you should change the password for the ‘mobile’ account as well. Just do steps 4-6 from the prompt before typing su to change to ‘root’.
Another great security option is to disable SSH when you ain’t using it using SBSettings or Bossprefs. Free and easy to install from Cydia. That way NO ONE can enter until you turn SSH back on.
SSH is really the killer here so only turn it on when you need to use it. Its a simple security precaution. I would still advise changing the password though and DistortedLoop is right in saying you should alter the password of mobile as well… just for extra security…