What changes in a jailbroken kernel?

Question

Having seen this question on protecting your app from being cracked, I saw that the top answerer mentioned something about being able to see if a device was jailbroken by some i

Answer 1

About a year ago, saurik wrote a comment on Hacker News with a list of the "'best practice' patches that jailbreaks install by default". I'd suggest reading that comment for all the details, but here is a preview of what he says (with lots of explanation that I snipped out):

1. AFC2: allows you to access, over USB, all of / as root instead of just /var/mobile/Media as mobile.

2. fstab / rw: makes / be mounted read-write.

3. fstab /var suid dev: allows setuid executables and device nodes on the user data partition.

4. codesign: allow code that has not been signed by anyone to execute.

5. codehash: allow processes with "corrupt" pages of code to execute.

6. rw->rx: supports changing a page of memory from writable to executable.

7. rwx: allows memory to be marked for write and execute at the same time.

8. sandbox: allow processes to access files that are outside of their sandbox based on Unix permissions rather than the normal sandbox rules.

9. crazeles: a ludicrously complicated hack by planetbeing that neuters the FairPlay DRM checks that cause iBooks to refuse to operate correctly on jailbroken devices.