Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday May 27 2020, @08:13AM   Printer-friendly
from the gimme-a-break dept.

New iOS Jailbreak Tool Works on (most) Versions of iOS 11 to iOS 13.5

New iOS Jailbreak Tool Works on (most) Versions of iOS 11 to iOS 13.5:

Latest version of UnC0ver uses unpatched zero-day exploit to take complete control of devices, even those running iOS 13.5.

A hacker team has released a new method to jailbreak iPhones that they claim uses a zero-day exploit that allows them to jailbreak iPhones running iOS 11 through Apple's most recent version of its mobile operating system – iOS 13.5.

Calling it a "big milestone for jailbreaking," one of its creators, a hacker called Pwn20wnd, heralded the new jailbreak release on Twitter, claiming it's the first zero-day jailbreak for the iPhone platform since iOS 8.

Hackers did not disclose the details of the unpatched iOS flaw their tool relied on. One report on Vice Motherboard said the jailbreak takes advantage of a kernel vulnerability. No matter, the hacker team expect Apple to eventually patch the flaw which is just the "nature" of the business, Pwn20wnd said in the report.

"Even when they release a patch, users can downgrade to the previous iOS version for about two weeks usually, and after that, the users should stay on their versions so that the jailbreak keeps working," according to the hacking team's report of the jailbreak posted to the Unc0ver website. The jailbreak only works on iPhones running iOS 11 through iOS 13.5 and does not work on iOS versions 12.3 to 12.3.2 and 12.4.2 to 12.4.5.

The new jailbreak enables "unrestricted storage access to jailbreak applications for sandbox backwards compatibility," while leaving security restrictions enabled for system and user applications in place, the team said. The new tools also update Phone Rebel case models and bundled packages.

Hackers Release a New Jailbreak that Unlocks Every iPhone (iOS 11 and above)

Hackers release a new jailbreak that unlocks(most) iPhones:

A renowned iPhone hacking team has released a new "jailbreak" tool that unlocks every iPhone, even the most recent models running the latest iOS 13.5.

For as long as Apple has kept up its "walled garden" approach to iPhones by only allowing apps and customizations that it approves, hackers have tried to break free from what they call the "jail," hence the name "jailbreak." Hackers do this by finding a previously undisclosed vulnerability in iOS that break through some of the many restrictions that Apple puts in place to prevent access to the underlying software. Apple says it does this for security. But jailbreakers say breaking through those restrictions allows them to customize their iPhones more than they would otherwise, in a way that most Android users are already accustomed to.

The jailbreak, released by the unc0ver team, supports all iPhones that run iOS 11 and above, including up to iOS 13.5, which Apple released this week.


Original Submission #1Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by Rosco P. Coltrane on Wednesday May 27 2020, @02:30PM (8 children)

    by Rosco P. Coltrane (4757) on Wednesday May 27 2020, @02:30PM (#999656)

    No matter, the hacker team expect Apple to eventually patch the flaw which is just the "nature" of the business,

    Why users have to fight Apple or Google for full control of the devices they have paid for and own, and how it's even legal for Apple or Google to do that, I'll never know. I understand rooting a cellphone should be made technically complicated, or very difficult, to keep unsavvy users from damaging their own systems. But making it impossible should not be legal.

    Starting Score:    1  point
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 1, Funny) by Anonymous Coward on Wednesday May 27 2020, @02:40PM

    by Anonymous Coward on Wednesday May 27 2020, @02:40PM (#999661)

    You are obviously a child pornographer or Muslim jihadi.

  • (Score: 2) by darkfeline on Wednesday May 27 2020, @07:37PM (6 children)

    by darkfeline (1030) on Wednesday May 27 2020, @07:37PM (#999877) Homepage

    Uh, I think it's expected for developers to patch a vulnerability that allows an attacker to gain root on your device. Imagine if Thinkpads had a flaw that allowed someone running a program inside an unprivileged sandbox to take over ring 0/-1, and Lenovo wanted to patch the flaw. How is that even legal? Just think of the poor FBI who wants to sift through all your files.

    >making it impossible should not be legal.

    Right, it should be legally required for all computing devices to have a root backdoor. Is that the hill you want to die on?

    --
    Join the SDF Public Access UNIX System today!
    • (Score: 2) by Rosco P. Coltrane on Wednesday May 27 2020, @08:59PM (5 children)

      by Rosco P. Coltrane (4757) on Wednesday May 27 2020, @08:59PM (#999916)

      No: manufacturers should be legally required to unlock devices upon request.

      • (Score: 2) by Mykl on Wednesday May 27 2020, @10:37PM (4 children)

        by Mykl (1112) on Wednesday May 27 2020, @10:37PM (#999950)

        One person's jailbreak is another's 0-day exploit.

        Manufacturers of safes are not required to install backdoors into their products. Doing so would inherently weaken the value that they offer.

        The information stored on your PC or mobile device is arguably way more valuable than what you're storing in that safe. Why should manufacturers create something with an intentional security weakness? If Apple can unlock my device, then the feds can too. So can anyone who managed to obtain a copy of (or reverse engineers) the unlock code.

        • (Score: 2) by Rosco P. Coltrane on Thursday May 28 2020, @12:13AM (3 children)

          by Rosco P. Coltrane (4757) on Thursday May 28 2020, @12:13AM (#999979)

          Did you read what I wrote?

          manufacturers should be legally required to unlock devices upon request - as in, I contact them, prove that it's my device, certify that I know what I'm doing yada-yada, and then send me a key to unlock my device.

          Who's talking about backdoors?

          • (Score: 2, Interesting) by petecox on Thursday May 28 2020, @01:33AM

            by petecox (3228) on Thursday May 28 2020, @01:33AM (#1000017)
            Advanced Android users take for granted root with fastboot oem unlock, or the opportunity to install from unknown sources such as f-droid.

            The walled garden argument is that these 2 measures compromise security yet, yes, Google does warn you of the potential consequences.

            If Apple's policy is to not provide this, why are you still an iOS customer? :)

          • (Score: 2) by Mykl on Thursday May 28 2020, @01:59AM (1 child)

            by Mykl (1112) on Thursday May 28 2020, @01:59AM (#1000025)

            Yes, I read what you wrote.

            If the manufacturer has the means to unlock a device, then that means will eventually be stolen/hacked and exploited by criminals (or the Gubbmint) to do Bad Thingstm to you.

            • (Score: 2) by Rosco P. Coltrane on Thursday May 28 2020, @02:32PM

              by Rosco P. Coltrane (4757) on Thursday May 28 2020, @02:32PM (#1000164)

              That's silly. There are perfectly secure schemes based on private encryption keys. In fact, whenever you pay with a credit card, that's exactly what happens: your credit card's chip responds to challenges using a private EMV secret key that's provisioned in the chip in manufacturing facilities that are better guarded than Fort Knox.

              Clearly you don't understand how encryption works. Please refrain from giving your opinion on things you don't understand.