TaiG’s Jailbreak Security Weakness Causes App To Become Root

Ali Salman
Posted 1 year ago

TaiG Jailbreak team has always been keen to release jailbreak for current iOS versions. Recently, it released the jailbreak tool for iOS 8.1.3, 8.2, 8.3 and the most up to date has been released yesterday for iOS 8.4. Though there are hundreds of tweaks supported with the iOS 8.4 version of jailbreak and many more are in the pipeline. Everything seemed well before an issue was spotted in TaiG’s Jailbreak that causes adverse effects on iOS apps.

A security expert and hacker, Stefan Esser or i0n1c reported about the issue in a couple of tweets that the flaw in security allows any app to become root which causes exploitation of user data on the iOS running device. The user data exploits technically exposes the iOS security which might not be favorable for the user.

Security Flaw In iOS 8.4 TaiG Jailbreak Causes User Data To Expose

Considering the vulnerability, users have notified about TaiG jailbreak having a backdoor. Below are some of the tweets from Stefan Esser that details the security flaw in TaiG Jailbreak for iOS 8.4.

As can be seen from the tweets, it is advised to users to not install random tweaks from unauthenticated users, which might eventually cause apps to become reboot easily, according to Stefan Essen. Saurik has also taken note on the issue on a reddit thread and exclaims that the issue was already present since last week when TaiG 2.x jailbreak tool was released. Saurik and TaiG has pondered over the matter and a plan to fix the security flaw has been devised which will be released as soon as they can.

I already talked to TaiG about this awkward kernel patch days ago, and have this on my schedule of things to fix “next” (after the thing I’m working on fixing right now). FWIW, I did not realize their patch was this bad (I mean, dude: that’s pretty bad…), but I’m still not terribly concerned (as an example: i0n1c says “don’t install tweaks from random people in the next few days”, but those already by definition have privileged access, so you should already be careful installing them). (This setuid bug is the “proactive fix” that I talked about in the Cydia 1.1.18 changelog.)

So there is no need to worry about the security flaw, it will be fixed in just a matter of time. In the meanwhile, you can take precaution by not downloading tweaks from Cydia developers or unknown sources yntil the fix arrives. This is it for now, guys. Let us know if you faced any issue on iOS 8.4 TaiG jailbreak.

Share on Facebook Share on Twitter Share on Reddit