Google releases tool that helps security researchers hack iOS devices
Google this week released a proof of concept tool that allows security researchers, and other developers, to hack into iOS 11.1.2, software that could lead to a jailbreak for devices running that OS version.
Created by noted iOS bug hunter Ian Beer, the tool released on Monday takes advantage of an exploit called "tfp0," which has since been patched in Apple's latest iOS 11.2 release.
Beer, a member of Google's Project Zero, told Motherboard the proof of concept is designed to help security researchers test the security layers of iOS without curating their own exploits. The tool was tested on iPhone 6s, iPhone 7 and iPod touch 6G, but Beer is confident it will work on all devices.
"tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy," Beer wrote.
The Google researcher pre-announced Monday's release in a tweet last week, sparking hope of a fresh exploit for Apple's famously secure operating system.
"If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon," Beer said at the time.
For the jailbreaking community, an un-patched exploit represents a rare and valuable opportunity to bootstrap an iPhone jailbreak. Because Apple's OS is so secure, researchers who find exploits or bugs often opt to sell them to third parties, or collect a bug bounty from Apple, instead of making them publicly available.
For Google, the tool is a means to an end for security researchers looking for previously unreported bugs. The exploit effectively acts as an inroad into iOS, providing developers access to root around in the OS until Apple issues a fix. Though iOS 11.2 patches the hole, Apple is still signing for iOS 11.1.2, meaning users can install the vulnerable iOS version on current hardware.
Due to its maturity as a platform and built-in security protocols, iOS jailbreaks are few and far between. According to Can I Jailbreak, a site dedicated to tracking iOS jailbreaks, the latest jailbreak affects iOS 10 and does not function on iPhone 7.
Despite early popularity with users who wanted to add customizations to their iPhone beyond those offered within Apple's walled garden, jailbreaking has become somewhat of a dying art. Last month, Cydia repositories ModMy, formerly ModMyi, and ZodTTD/MacCiti announced they would no longer accept new packages.
While a jailbreak for iOS 11 has yet to surface, Beer's contribution will likely hasten the process.
Created by noted iOS bug hunter Ian Beer, the tool released on Monday takes advantage of an exploit called "tfp0," which has since been patched in Apple's latest iOS 11.2 release.
Beer, a member of Google's Project Zero, told Motherboard the proof of concept is designed to help security researchers test the security layers of iOS without curating their own exploits. The tool was tested on iPhone 6s, iPhone 7 and iPod touch 6G, but Beer is confident it will work on all devices.
"tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy," Beer wrote.
The Google researcher pre-announced Monday's release in a tweet last week, sparking hope of a fresh exploit for Apple's famously secure operating system.
"If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon," Beer said at the time.
For the jailbreaking community, an un-patched exploit represents a rare and valuable opportunity to bootstrap an iPhone jailbreak. Because Apple's OS is so secure, researchers who find exploits or bugs often opt to sell them to third parties, or collect a bug bounty from Apple, instead of making them publicly available.
For Google, the tool is a means to an end for security researchers looking for previously unreported bugs. The exploit effectively acts as an inroad into iOS, providing developers access to root around in the OS until Apple issues a fix. Though iOS 11.2 patches the hole, Apple is still signing for iOS 11.1.2, meaning users can install the vulnerable iOS version on current hardware.
Due to its maturity as a platform and built-in security protocols, iOS jailbreaks are few and far between. According to Can I Jailbreak, a site dedicated to tracking iOS jailbreaks, the latest jailbreak affects iOS 10 and does not function on iPhone 7.
Despite early popularity with users who wanted to add customizations to their iPhone beyond those offered within Apple's walled garden, jailbreaking has become somewhat of a dying art. Last month, Cydia repositories ModMy, formerly ModMyi, and ZodTTD/MacCiti announced they would no longer accept new packages.
While a jailbreak for iOS 11 has yet to surface, Beer's contribution will likely hasten the process.
Comments
So annoying...
For those who refuse and get what they get... what are they getting exactly? To date, I have heard of any true repercussions from not updating. Have you?
This article helps explain it
https://motherboard.vice.com/en_us/article/d3x3dw/google-releases-iphone-ios-jailbreak-tool
And in addition to that article:
"Although the exploit was made public today, it appears to have been known amongst researchers and hackers for some time.
Chinese jailbreaker Pangu said it has known of the bug since 2016, possibly via a hacker who goes by the moniker "windknown".
Pangu claimed to have used the vulnerability to jailbreak an iPhone in an internal research environmment."
https://www.itnews.com.au/news/google-releases-apple-ios-jailbreak-exploit-479611
Now I've been holding off on updating my iPhone 6 because I don't want another experience like that (and I prefer my phone to current models, for good reasons that would surely make you sneer). Yes, I have only myself to blame if I "get what I get", but if I update my OS and the phone becomes painfully sluggish, I'll still only have myself to blame--sure, I could try to blame Apple, but that wouldn't do me any good, and wouldn't it really also be my fault for making the same mistake twice?
I get why people feel proud to be so knowledgeable about tech that they can scoff at those who don't update, but it's not really informed by other people's real-life situations.
The more people hacking at it, the more secure it becomes. (As long as Apple’s doing its job).
PS: Recently we did see Apple create a quick path for that root access bug, which causes file sharing to stop working properly, which I think had both an Apple stated work around using Terminal and an additional security update to resolve.