The Apple Vision Pro has already been hacked

AppleInsiderAppleInsider
Posted:
in Apple Vision Pro edited February 3

Within a day after the release of the Apple Vision Pro, a security researcher claims to have created a kernel exploit for visionOS, opening the way towards a potential jailbreak and malware creation.

A forced restart of the Apple Vision Pro [x/0xjprx]
A forced restart of the Apple Vision Pro [x/0xjprx]



The first releases of new hardware is often accompanied by a gold rush of security researchers and malware developers working to break the operating system. Just as jailbreak makers try to break iOS, people are already causing security problems for the Apple Vision Pro.

In a late Friday tweet by MIT Microarchitectural Security PHD student Joseph Ravichandran, it is claimed that a kernel exploit has been made for the Apple Vision Pro, potentially the first ever publicly discovered.

The world's first(?) kernel exploit for Vision Pro- on launch day! pic.twitter.com/9rVtaSmbei

-- Joseph Ravichandran (@0xjprx)



The tweets, spotted by iDevice Central, detail in a few photographs how the Apple Vision Pro reacts to the attempted kernel exploit. After being introduced, the Apple Vision Pro goes to a full passthrough view, before warning the user to remove the headset as it will restart within 30 seconds.

After the restart, another image shows a panic log for the headset, showing that the kernel had crashed.

Ravichandran also posted another image for the "Vision Pro Crasher" application, complete with a headset-wearing skull image and a button to "Crash My Vision Pro."

It is unclear if the researcher has submitted the findings to Apple, or if they intend to at all. If they do, there's a small chance that it could qualify under the Apple Security Bounty program.

Given Apple's tendency to work fast on security issues, as well as the high-profile nature of the Apple Vision Pro launch, it is likely that Apple will issue an update fixing the problem if the issue is disclosed.

At this extremely early stage, considering the slow roll-out of devices to a generally tech-literate early adopters, it seems unlikely that the discovery will cause issues for Apple and its users.



Read on AppleInsider

dewme

Comments

  • Reply 1 of 7
    ClassicGeekClassicGeek Posts: 25unconfirmed, member
    Looking at the panic log picture it appears to show this Vision Pro running 1.0 not the current 1.0.2 version of visionOS. 
    ForumPostbyronlwatto_cobra
  • Reply 2 of 7
    gweedogweedo Posts: 5member
    A developer is able to crash the Vision Pro?! :D <eye roll> This is not news.  When someone is able to remotely exploit one it will be interesting.
    williamlondonwatto_cobra
  • Reply 3 of 7
    kmareikmarei Posts: 183member
    Just imagine
    a jailbroken vision pro with a pornhub app :)
    watto_cobra
  • Reply 4 of 7
    NunnyobizzNunnyobizz Posts: 24member
    kmarei said:
    Just imagine
    a jailbroken vision pro with a pornhub app :)

    Wouldn’t do much good.  Stripchat VR doesn’t even recognize AVP as VR capable in their VR rooms.  

    watto_cobra
  • Reply 5 of 7
    beowulfschmidtbeowulfschmidt Posts: 2,141member
    gweedo said:
    A developer is able to crash the Vision Pro?! :D <eye roll> This is not news.  When someone is able to remotely exploit one it will be interesting.
    Crashing the kernel is a good way to find clues to exploits that will not crash, and later on to taking control of the device.  Lots and lots of existing exploits were discovered in crash dumps.
    watto_cobra
  • Reply 6 of 7
    dutchlorddutchlord Posts: 214member
    kmarei said:
    Just imagine
    a jailbroken vision pro with a pornhub app :)
    A true immersive experience for sure🤣
    watto_cobra
  • Reply 7 of 7
    avon b7avon b7 Posts: 7,703member
    dutchlord said:
    kmarei said:
    Just imagine
    a jailbroken vision pro with a pornhub app :)
    A true immersive experience for sure🤣
    And they'd need new gesture recognition options for those down facing cameras! 
Sign In or Register to comment.