Miss Jailbreaking Your iPhone? Google Might Be Planning a Christmas Gift for You!
It's been such a long time since jailbreaking stories were a part of our everyday reporting. After every new iPhone, after every new version of iOS, hackers had a mission of breaking the new software apart to make it just a little like, well, Android. In the past two years, however, Apple has further walled off its products and software making it nearly impossible for hackers to break into it. Those who do manage to find such vulnerabilities now prefer to get paid in millions by companies like Zerodium or by Apple itself.
Those who miss the days of jailbreaking and customizing their iPhones, Google might have some tricks up its sleeves. After annoying Microsoft for over a year with security bugs in the company's software, the Pixel maker may now be after the Cupertino giant - its fiercest competitor in the mobile market.
Get me some jailbreak? Don't hope for too much...
Jailbreaking an iPhone may have been easy a few years back, but Apple secured the software, worked on bug bounty programs to patch up vulnerabilities, and started offering convenience and features that had driven many users to become part of the jailbreaking community. The iPhone maker successfully killed one of the most active online communities, ending an era.
While it's all castles in the sand at the moment, Google security researcher, Ian Beer, created a storm over at Twitter and Reddit after he tweeted about dropping an iOS vulnerability.
If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon.
— Ian Beer (@i41nbeer) December 5, 2017
There has been no word since and there are high chances that Beer has already helped Apple fix these vulnerabilities, but the jailbreaking community seems to be back from the dead.
I literally just bought an iPhone X because of a single tweet... ?
— Lobi Earl (@Lobi_Earl) December 6, 2017
Can’t wait ! pic.twitter.com/AmKqUJQmAH
— Mila432 (@Mila432) December 5, 2017
Downgrading to 11.1.2 from 11.2 😀
— robin çen (@robinen1) December 7, 2017
Wondering why everyone thinks this is about a jailbreak? Beer has essentially told everyone to NOT upgrade to iOS 11.2 because the loopholes were potentially reported to Apple and have been fixed in the latest version of iOS. Adding to the fire, Jonathan Levin, a popular name in the world of iOS tweeted the following, promising a jailbreak toolkit.
Coming soon: The #jailbreak toolkit - a dylib for those people who end up with a send right to the kernel_task port (a.k.a tfp0) in their process, but don't know what to do next.
— Jonathan Levin (@Morpheus______) December 7, 2017
Google's Project Zero has become an important name in the security industry, helping all the major companies fix bugs in their products. According to Motherboard, Beer is the team's iOS specialist, which makes sense if he found something that could be used to jailbreak iOS 11.1.2, since Google wouldn't need to make money by getting bug bounty from Apple or from third party vulnerability hoarders.
While many expect a full jailbreak, one former Apple security engineer believes that "they would need some more vulnerabilities" to make it untethered. "Most folks who want to jailbreak their phone want an untethered jailbreak, where you can reboot and all your pirated apps still work."
If you are someone who doesn't know anything about jailbreaking and don't really care about turning your iPhone into an Android, make sure to update it to iOS 11.2 to have the patches installed. However, if you have been waiting for this moment, stick to older, insecure versions - as they may bring you a chance to finally play around iOS after a long time!
[Update]: Levin says don't expect jailbreak
In a post, Levin has said not to expect a full jailbreak. "Ian's work will be allowing anyone with enough dedication (and desire to slave off for a long time just to get ingrates following him and nagging him on Twitter) to develop one [jailbreak]," he writes.
Or - as he intends - to do private research. Or - (and I'm sure he doesn't intend that) to create great malicious apps which can be nasty APTs below iOS 11.2.
It means that the jailbreak possibility is still there, but Beer isn't going to hand it over to anyone. Researchers have confirmed that "it is now possible to achieve control over the kernel in all versions of iOS before 11.2, and the corresponding versions of TvOS (<= 11.1), WatchOS (<= 4.1), because the bug is very likely exploitable in all of 'em."
Levin answered his question of "So..... someone could use this for a jailbreak?" with a "sure" giving the community more hope. Right now, there is nothing to do except for waiting for Beer to drop the code "sometime next week." He has also advised those asking about "staying or leaving" to stay with iOS 11.0.1 to 11.1.2. For more details, head over here.