The jailbroken Apple TV 2 was once the most popular device for Kodi. It’s now outdated, and poses a huge security threat to your entire network. Jailbreaking the Apple TV 2 preinstalls OpenSSH and leaves the default SSH password as: alpine. This huge security flaw puts millions of Kodi users at risk of having their Kodi box used to: send spam, DDoS, distribute malware or even something as disgusting as child pornography!
While everyone’s running around talking about Russia, the smaller security threats are disregarded by most. We’re here to tell you that if you own a jailbroken Apple TV 2 box, there’s a 99.99% chance that you have a huge security threat sitting in the middle of your living room. Jailbreaks are known to open additional security flaws in devices, however this flaw is far more egregious than others.
What puts Jailbroken Apple TV 2 owners at imminent risk of being hacked is the fact that this specific jailbreak comes with OpenSSH installed by default. Even worse, almost no one changes their root password on these devices from the default: alpine. This means that if you have a jalbroken Apple TV 2 device connected to electricity in your home, there’s a huge chance that you might have already had your security compromised.
Once an Apple TV 2 is jailbroken, OpenSSH is what allows the user to login using command prompt (or nito Installer) in order to install Kodi as well as other Apple TV 2 compatible apps such as nitoTV. As soon as you jailbreak the device and connect it to the internet, you’re left with a mini Linux computer that’s wide open and can be used by anyone on the internet who stumbles upon your IP address.
Under normal circumstances, most people are aware of the need to set a strong password on their computer. However, in this circumstance, most users aren’t aware that their jailbroken Apple TV 2 is a computer that can be programmed for any purpose. Anyone who gains access to your insecured jailbroken Apple TV 2 device could run code to do things like send spam, DDoS, or even infiltrate your phone and personal computer.
It’s important to understand that your overall digital security is online as good as your weakest link. It is becoming increasingly popular for hackers to use internet connected devices as part of botnets. Botnets are basically masses of infected devices used for a collective purpose like spamming, DDoS attacking, or fraud. Hackers could even turn your insecure jailbroken Apple TV 2 into a server, hosting all kinds of undesirable content.
Who’s to blame? We hate to say it, but the company behind the popular Seas0npass jailbreak for Apple TV 2 should have known better. For years Firecore distributed what was the only method of jailbreaking the Apple TV 2, and knowingly chose to include OpenSSH with the jailbreak. They should have seen this coming, and given the user the chance to change the SSH password at the time of jailbreak. Instead they likely turned a blind eye in order to make things simple for the average joe, to whom they also tried to upsell other premium apps.
Lastly, please be advised that Kodi support for the Apple TV 2 was actually discontinued over two years ago. This means that it won’t perform anywhere near as well as newer Android TV devices, and you should start thinking about an upgrade. We’re fairly certain that most Apple TV 2 owners don’t even realize their devices are still connected to electricity, and therefore to the internet via wi-fi. We hope that the guide below will assist you in securing your jailbroken Apple TV 2 should you choose to keep it online.
Securing the Jailbroken Apple TV 2
Although this is a huge security flaw that could potentially affect millions of Kodi users, it is one that can be easily corrected by changing your default root password to something more original.
nitoInstaller for Apple TV 2
Step 1: Once you’ve jailbroken your Apple TV 2 box, connect it to your television and internet.
Step 2: Launch the nitoInstaller app that you just downloaded. Be sure that your computer is connected to the same internet network as your Apple TV 2 device.
Step 3: Click on where it says Choose Apple TV and select your device from the drop down list.
Step 4: On the Apple TV 2 device, navigate to the Settings menu, followed by the General menu, and then the About tab. Verify that the IP Address matches the one displayed in the lower left corner of the nitoInstaller interface.
Step 5: Click on the Advanced toolbar menu.
Step 6: Select the Change SSH Password function.
Step 7: Input your desired SSH password, then press the OK button.
Choose something that won’t be easy to guess! Write it down somewhere safe, because if you forget your root password you’ll have to factory restore the Apple TV 2 using iTunes.
Step 8: Wait a second while nito Installer changes your jailbroken Apple TV 2’s root password.
Step 9: You’re done! You’ve now successfully secured your Apple TV 2 from being easily accessed by any bad actor on the internet.
Please be sure to share this notice with your friends, family and coworkers. There’s nothing worse than having an insecure device on your network and not even realizing it. You won’t even know once you’ve been hacked, so it’s important to take proactive steps in order to secure all of your internet connected devices, including the jailbroken Apple TV 2 and Android TV set top boxes. Should you have any questions, please feel free to visit our discussion forums at your convenience.