Alibaba researchers reportedly jailbreak iOS 11.2.1 on iPhone X

Posted in iPhone, edited October 2019
Security researchers at Alibaba's Pandora Labs claim to have jailbroken Apple's recently released iOS 11.2.1 running on an iPhone X, demonstrating that the latest version of the operating system still contains exploitable vulnerabilities.

The jailbreak, announced in a post to Alibaba's security blog on Friday, arrives just two days after Apple issued iOS 11.2.1 on Wednesday.

"Although iOS 11.2 fixes some security issues, we confirmed on the day of release that the new version will still be able to jailbreak," said Song Yang, head of Ali Secure Pandora Laboratories. "Although we soon escaped iOS 11.2 perfectly, we were limited to security research purposes, so jailbreak tools will not be provided."

Seen in the photo above, taken on Thursday, researchers at Pandora Labs successfully leveraged undocumented iOS 11.2 vulnerabilities to install an eponymous app using Cydia. Earlier today, the blog post was updated to confirm a jailbreak of iOS 11.2.1, Apple's latest firmware iteration.

Apple released iOS 11.2.1 to restore shared HomeKit access, a feature that was temporarily disabled following the discovery of a critical flaw that threatened the security of connected appliances controlled by Apple's smart home platform. The company promised to issue a permanent fix for the issue on Monday.

While Pandora Labs declined to detail the techniques used in the jailbreak, an accompanying screenshot suggests the implementation takes advantage of a memory buffer overflow bug to trigger a kernel panic. Researcher Long Lei, who is credited with reporting seven security vulnerabilities to Apple, explained that iOS 11.1 contained a flawed SMAP (Supervisor Mode Access Prevention) mechanism that could be bypassed. Apple fixed that hole in iOS 11.2, forcing researchers to find other SMAP workarounds.

Today's jailbreak claims come on the heels of Google's release of a tool that assists in hacking iOS devices running iOS 11.1.2. Created by Google Project Zero employee Ian Beer, the proof of concept is designed to help researchers test the security layers of iOS without developing their own exploits.

Comments

  • Reply 1 of 24
    Gee, it's a good thing that Alibaba isn't in Russia or China... oh, wait.
    edited December 2017
  • Reply 2 of 24
    daven Posts: 696 member
    Will Alibaba provide the jailbreaks to Apple and why is Google releasing tools that assist in hacking iOS devices?
  • Reply 3 of 24
    sflocal Posts: 6,093 member
    The jailbreaking community is so ridiculously small now.  One way or another it will be closed so for the time being I guess Alibaba is just claiming bragging rights.
  • Reply 4 of 24
    jd_in_sb Posts: 1,600 member
    What killer apps does jailbreaking offer these days? In the early days I used to jailbreak for things now built into iOS, like a personal hotspot, and email signatures. Jay, the founder of Cydia, lives near me and told me that it is still a thriving business, so there must be something of value. Perhaps WiFi password viewer? That was cool.
  • Reply 5 of 24
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
  • Reply 6 of 24
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? In the early days I used to jailbreak for things now built into iOS, like a personal hotspot, and email signatures.  Jay the founder of Cydia lives near me and told me that it is still a thriving business so there must be something of value. Perhaps WiFi password viewer? That was cool. 
    I don't know about "killer" apps but you can add Google Maps to CarPlay or add Live Photos capability to older devices.  Saw that answer on 9to5.
  • Reply 7 of 24
    I'm surprised this isn't a violation of the DMCA.  Or maybe it is, but it's not in Apple's interest to give it extra publicity?
  • Reply 8 of 24
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? In the early days I used to jailbreak for things now built into iOS, like a personal hotspot, and email signatures.  Jay the founder of Cydia lives near me and told me that it is still a thriving business so there must be something of value. Perhaps WiFi password viewer? That was cool. 
    iOS didn’t have personal hotspot? Or the mobile phone plan you were paying for didn’t offer it and jailbreaking allowed you to get around the restriction?
  • Reply 9 of 24
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    edited December 2017
  • Reply 10 of 24
    avon b7 Posts: 7,664 member
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    Get rid of slow, framedropping animations, the notifications mess, getting appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    That one is a big niggle for me. Amazing it hasn't been dealt with by now.

    EDIT:

    I just investigated a bit more and found there is a solution. A simple solution. Sliding your finger left or right along the spacebar (at least with GBoard) will move the insertion point one character at a time.
    edited December 2017
  • Reply 11 of 24
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    And Android, you're forgetting that part. Coming up with rich UI on a mobile is/was the issue. It all had to be invented at the time. Let's revisit a 2010 article about this topic...

    Google still has major issues with text selection and editing on Android devices. The first striking problem is that there is not a consistent method of selecting text on the device. None. At all. In the browser, you long press on text to bring up your anchors, then drag and tap the center of your selection — boom, copied text. In text editing fields, however, in order to select a word you must long press on the word, wait for a contextual menu to pop up, and then select “select word” — a completely counterintuitive process. In the message app you can long press to select only the entire message, and in Google Reader? You can’t select any text at all. Even worse, Gmail has a different method for selecting text from an email you’re reading, and it’s far more obnoxious than any of the others. There, selecting text goes from being mildly annoying to downright silly. Want to grab some text out of an email? Here’s your process: hit the menu key, hit “more,” hit “select text,” and then finally drag your anchors out. Funnily enough, a little cursor appears when you start selecting — a holdover from Linux? To have this many options and discrepancies over something as simple as copy and paste should be embarrassing to Google. What it mostly is, however, is a pain to the end user.
    https://www.engadget.com/2010/12/10/nexus-s-review/

    And on iOS:

    And I think about the iPhone, which didn’t get text selection and copy-and-paste until version 3.0, two years after it debuted. It’s hard to get these things right.
    https://daringfireball.net/linked/2010/12/14/engadget-nexus-s
    edited December 2017
  • Reply 12 of 24
    I'm surprised this isn't a violation of the DMCA.  Or maybe it is, but it's not in Apple's interest to give it extra publicity?
    I believe it does in fact violate the DMCA.
  • Reply 13 of 24
    focher Posts: 687 member
    sflocal said:
    The jailbreaking community is so ridiculously small now.  One way or another it will be closed so for the time being I guess Alibaba is just claiming bragging rights.
    Jailbreaking is based on the availability of Zero Day exploits. It's not about bragging rights, it's about the published fact that there is at least one known Zero Day exploit for iOS. There are undoubtedly more, and plenty more nefarious parties - both criminal and government - that depend on these to do their stuff.
  • Reply 14 of 24
    focher Posts: 687 member

    I'm surprised this isn't a violation of the DMCA.  Or maybe it is, but it's not in Apple's interest to give it extra publicity?
    I believe it does in fact violate the DMCA.
    Nope. Under the Library of Congress order granting the DMCA exemption:

    "This exemption is a modification of the proponents’ proposal. It permits the circumvention of computer programs on mobile phones to enable interoperability of non-vendor approved software applications (often referred to as “jailbreaking”), but does not apply to tablets – as had been requested by proponents – because the record did not support it."

    So technically, phones can be jailbroken but not tablets.
    edited December 2017
  • Reply 15 of 24
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    Personally, I don't have the time or energy to pursue the whole jailbreaking deal anymore (stopped doing IT stuff in my leisure time years ago).  Security is the prime focus now with jailbreaking (understandably) but it wasn't always that way.  There were a number of Cydia apps developed that provided features wanting in standard IOS and ended up at Apple along with the authors.  I concur 100% with the bolded sections above (as well as the iTunes puke-fest) but now with the jailbreaking community snuffed out, how to bring pressure to bear or get Apple to notice?
  • Reply 16 of 24
    focher said:

    I'm surprised this isn't a violation of the DMCA.  Or maybe it is, but it's not in Apple's interest to give it extra publicity?
    I believe it does in fact violate the DMCA.
    Nope. Under the Library of Congress order granting the DMCA exemption:

    "This exemption is a modification of the proponents’ proposal. It permits the circumvention of computer programs on mobile phones to enable interoperability of non-vendor approved software applications (often referred to as “jailbreaking”), but does not apply to tablets – as had been requested by proponents – because the record did not support it."

    So technically, phones can be jailbroken but not tablets.
    And how does it treat foreign actors with regard to this practice?
  • Reply 17 of 24
    focher said:

    I'm surprised this isn't a violation of the DMCA.  Or maybe it is, but it's not in Apple's interest to give it extra publicity?
    I believe it does in fact violate the DMCA.
    Nope. Under the Library of Congress order granting the DMCA exemption:

    "This exemption is a modification of the proponents’ proposal. It permits the circumvention of computer programs on mobile phones to enable interoperability of non-vendor approved software applications (often referred to as “jailbreaking”), but does not apply to tablets – as had been requested by proponents – because the record did not support it."

    So technically, phones can be jailbroken but not tablets.
    And how does it treat foreign actors with regard to this practice?
    It doesn't matter. The LOC aren't reserving jailbreaking for Americans only. Also wouldn't matter because our laws don't govern other countries. Also doesn't matter because they didn't release a jailbreak. It just doesn't matter.
  • Reply 18 of 24
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    To move the cursor to a precise location, force touch on the Apple keyboard, then, while keeping force touch, use the keyboard as a touch pad to move the cursor in all directions. Been like that for quite some time. iOS 10 at least. Of course you need a force touch capable device, so iPhone 6S or better. On iPad, use the same trick by sliding two fingers (nearby each other) on the keyboard instead of force touch. A bit trickier but does the job too.
  • Reply 19 of 24
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    To move the cursor to a precise location, force touch on the Apple keyboard, then, while keeping force touch, use the keyboard as a touch pad to move the cursor in all directions. Been like that for quite some time. iOS 10 at least. Of course you need a force touch capable device, so iPhone 6S or better. On iPad, use the same trick by sliding two fingers (nearby each other) on the keyboard instead of force touch. A bit trickier but does the job too.
  • Reply 20 of 24
    bb-15 Posts: 283 member
    Bacillus3 said:
    peterhart said:
    jd_in_sb said:
    what killer apps does jailbreaking offer these days? 
    Wondering the same thing. iOS is so evolved and advanced anymore. Why risk it? ¯\_(ツ)_/¯
    To get rid of slow, framedropping animations, the notifications mess, lacking appointments on the lockscreen and other UI shortcomings that ridiculize iOS. Even moving the text cursor a single position is a headache. For only 10 years now.
    To move the cursor to a precise location, force touch on the Apple keyboard, then, while keeping force touch, use the keyboard as a touch pad to move the cursor in all directions. Been like that for quite some time. iOS 10 at least. Of course you need a force touch capable device, so iPhone 6S or better. On iPad, use the same trick by sliding two fingers (nearby each other) on the keyboard instead of force touch. A bit trickier but does the job too.
    That is what I do to move a cursor in iOS. With personal computing, if I'm not using a mouse, the cursor control in iOS is some of the best I've seen.
    As for other complaints: I stop animations in iOS settings.