Installing stuff you don't understand will always carry the risk of getting your device infected. This is no different from altering the default (secure) settings of the phone, something that can be done on pretty much any mobile device, regardless of the OS.
Ultimately, any phone is only as secure as the owner wants it to be. Making alterations you don't understand and then blaming the OS for the security holes you introduced borderlines stupidity, also does pretending that one OS is more secure than another and will somehow plug holes that were voluntarily opened. It's like drilling the bottom of your boat and then blaming the manufacturer of the boat because you're taking water.
Just so very lame you have (or would like) to do this in the first place. On Android you don't have to "jailbreak" just because you want to use a 3rd party keyboard or a different launcher or some app that isn't "officially approved". Hate hermetically sealed-off OSs - they're just a massive disservice to end-users.
Load of farce with no clue what you're talking about. First off, Pangu's an UNTETHERED jailbreak. If you bothered to Google the term at all or if you had any clue what you're talking about, you'd know. Secondly, every jailbreak utility as well as plenty of Android rooting utilities are executables. PanGu already stated that they did not ZIP the Cydia archives hence the 80MB utility. Thirdly, any and every rooting/jailbreaking utility is a risk, so is rooting/jailbreaking because you're exploiting the device/mobile OS, so I don't get why you're arguing over security issues and all, because once your device is rooted/jailbroken, your security is ripped wide open, that's a known fact since the beginning of iOS jailbreaking and Android rooting.
Get your facts straight before posting an article, because this "article" seems to be ripped off of an 8 year old or probably was written by an 8 year old. This article is not different from scam sites like evad3rs.net, Team7Jailbreak.com and evasion7.com, just stirring up attention. Pathetic....
It still puzzles me how Apple fans, who swear they fancy Apple products due to simplicity, ease of use and don't care for being "a techy", suddenly jump on the tech enthusiast bandwagon when it comes to tweaking their products.
1. Pangu is untethered. Any security firm that thinks it is tethered does not deserve to have "internet", "computer" or "security" in its job description. Did the author of this article misunderstand them?
2. Jailbreaking opens up your phone to security risks. That is well known. There are ways to patch those vulnerabilities after you jailbreak. That is also well known in the jailbreaking community. Every OpenSSH tutorial, for example, warns you to change your default root password.
3. Talking about malware embedded in the jailbreak tool downloaded from sketchy sites has nothing to do with jailbreaking and more to do with common Internet sense. Would you download an antivirus software from CNet/Download.com/the original antivirus company's site, or would you download it from a sketchy site that says "Free Antivirus!!!!" and has "You are the 10,000th visitor!!! Click here to win a prize!!!" banners all over it? If you are the latter, you should not be jailbreaking your phone.
4. i0n1c (AKA Esser)'s issue is irrelevant to jailbreak security, but since it was brought up: Esser revealed the bug to the Pangu team in a paid training session. If you were a teacher who imparted knowledge on your students, why would you not want them to use it for good? i0n1c's bug is one small part of the Pangu package, and the Pangu team credited him in the jailbreak. i0n1c's tweet is him being bitter about a petty issue.
To sum up:
Scaremongering tactics combined with skewed writing and sensationalist statements. I hope you don't consider yourself a journalist.
It looks like most of this alleged information is based on one side only: Steve Essers's side.
As far as where this jailbreak came from Steve came to the jailbreak Reddit and teased us for two months that he had a jailbreak that was easily installed and that he was not going to give it to anybody.
Then he even wrote an article that gave all the clues as to how to do it and if you are a developer you could probably figure it out fairly easy. But he did not stop there, he held classes where he charged a a lot of money and he taught a bunch of students how to do this jailbreak.
So one of them figured it out and they gave the information or sold it- it doesn't matter which, to Pangu who then released the jailbreak. So as far as 1r0n1c/Steve Esser is concerned this jailbreak was bought and paid for even if it was his idea. and he did not have anybody sign nondisclosure agreements, so it's his tough luck. Besides it is a clean jailbreak and there are no security issues with it, I would estimate right now maybe a few million people have used it and No ill effects, so I resent this whole article it, should be updated immediately after the person who wrote it learns what the hell they are talking about- because they don't.
You're saying it takes security researchers to hack into an iPhone; Then there are 8 year olds who can create and distribute malware for Android by following a simple tutorial. Fandroid I see. #BlackBerry10