iPhone Jailbreaker Nicholas Allegra (Comex) Gets Profiled By Forbes

Posted Aug 1, 2011

Forbes has done an interesting profile on Nicholas Allegra. Nicholas Allegra is a 19 year old that lives with his parents in Chappaqua, New York. Allegra is currently on leave from Brown University. While on leaving looking for an internship, Allegra programs for the fun of it. But the type of programming he does is stressing out Apple Inc. (NASDAQ:AAPL). The programming that Allegra does is exploiting source code cracks on the Apple iPhone and jailbreaking the device.

?It feels like editing an English paper,? stated Allegra. ?You just go through and look for errors. I don?t know why I seem to be so effective at it.? Allegra is known as the hacker handle Comex. Allegra has released a piece of code called JailBreakMe, which allows millions of people to by-pass Apple’s security on the iPhone and the iPad.

JailbreakMe allows users to install any application they want on their devices. When Allegra released JailBreakMe 3 in July, Apple rushed to patch the security opening in 9 days. However 2 million people used JailBreakMe 3 to jailbreak their Apple gadgets. Apple blocked JailbreakMe.com on their in-store WiFi networks.

Since 2008, Apple implemented a safeguard called “code-signing” to prevent hackers from running their own commands on the iOS mobile operating system. Even when a hacker finds a security bug, he or she can exploit the bug by reusing commands already in Apple’s software.

When Allegra released JailbreakMe 2 last year, Apple randomized the code in memory so that hackers would not be able to hijack the code.

Allegra found a way to get around the locks. In JailbreakMe 3, Allegra used a bug in how Apple iOS handled PDF fonts to locate and repurposes hidden commands. This flaw allowed a series of exploits that gained total control of the iOS device and leaves behind code that jailbreaks it again every time it reboots.

The sophistication of JailbreakMe has been considered on the same par as Stuxnet. Stuxnet is a worm that was designed either by the Israeli or U.S. government to infect the nuclear facilities in Iran.

Allegra does not have anything against Apple. He is an Apple “fanboy” and considers the Google “the enemy.”

?I guess it?s just about the challenge, more than anything else,? said Allegra.

Allegra taught himself to code at age 9 in the Visual Basic programming language. ?By the time I took a computer science class in high school, I already knew everything,? said Allegra.

?I didn?t come out of the same background as the rest of the security community,? added Allegra. ?So to them I seem to have come out of nowhere.?

Three courts have ruled that jailbreaking is legal and another court said that it could violate the DMCA. Allegra also created a patch for the PDF vulnerability alongside JailbreakMe 3 so that hackers couldn’t exploit the same bug.