Google Has Its Finger On The Trigger Of An iOS 11 Exploit That May Jailbreak iPhones
Ian Beer, a researcher working for Google's Project Zero team, announced via a tweet that he has discovered an exploit that could jailbreak devices running iOS 11.1.2 or older. Project Zero is tasked with finding bugs in competing software, as we've seen over the years with the prickly relationship Google has with Microsoft on the matter. So, it shouldn't come as a surprise that Google has been digging into Apple’s iOS to find any and all vulnerabilities that could possibly be exploited, including those that could be used for a jailbreaking devices.
Reportedly, this likely won't be a full, untethered jailbreak -- at least not initially. Instead, the device, be it an iPhone or iPad, would have to be tethered to a PC via a USB cable each and every time that it is rebooted. While still an admirable feat, this is far from an ideal solution, and most interested users are hoping for a fully untethered jailbreak.
If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon.— Ian Beer (@i41nbeer) December 5, 2017
However, researcher Marco Grassi says that building on Beer's work on the exploit will "definitely be doable to make a complete jailbreak, especially for [iPhone] 6s and previous ones.”
"This type of exploit will likely help disable code signing, a mechanism that ensures only code digitally signed by Apple runs on the phone," added Motherboard. "But it would not make it straightforward to install Cydia or pirated, or malicious apps, according to the former Apple security engineer, who is familiar with these types of exploits."
Whatever the case, it's cause for [muted] celebration in the jailbreak community. In the early days of iOS, many iPhone enthusiasts leaned on jailbreaking for rather simple things like third-party apps (before the release of the App Store), wallpaper support, and for functionality like copy/paste (which didn't arrive officially until iOS 3). Over the years, as Apple added countless features and has given developers greater access to iOS subsystems, jailbreaking has become less popular with enthusiasts. After all, who would want to risk opening their devices up to potential nefarious parties by mucking around with Apple's software stack?
Which leads us to this question -- why is it that some enthusiasts are still clinging to jailbreaking after all this time? Is there more to it these days than just pirated apps and games?