Jailbreak for all iOS 13.5 devices coming soon, hackers say
The team behind jailbreaking tool "unc0ver" on Wednesday said a new version of the software currently undergoing performance testing is effective against all current iOS versions, including the recently released iOS 13.5.
Leveraging an unspecified zero-day kernel exploit discovered by researcher "pwn2ownd," version 5.0 of "unc0ver" is capable of jailbreaking "every signed iOS version on every device," the "unc0ver Team" said in a tweet.
According to the group's webpage, the upcoming "unc0ver" iteration supports Apple-signed iOS releases from iOS 11 through iOS 13.5.
In August 2019, pwn2ownd released a version of unc0ver effective on devices running then-current iOS versions after Apple mistakenly unpatched a critical vulnerability in iOS 12.4. The first publicly available jailbreak to see wide distribution in years, unc0ver was neutralized with a subsequent fix issued in September. That same month, hacker "axi0mX" unveiled a tethered jailbreak for iOS 13.1.1 utilizing the Checkm8 exploit.
Jailbreaks are commonly used to escape Apple's "sandbox," granting access to hardware and software features not accessible by users under normal circumstances. The jailbreak community thrived in the early days of iOS thanks in part to Apple's iron fist implementation of iOS, but the technique slowly fell out of favor as the platform matured, gaining official customization options and app affordances.
Today's jailbreak news arrives just hours after Apple issued iOS 13.5 with a number of new features and user experience tweaks designed to cope with the ongoing coronavirus pandemic. For example, devices with Face ID authentication will automatically display a manual passcode verification prompt when a face mask is detected.
Apple's latest iOS version also includes the first public release of the company's Exposure Notification API. Developed in partnership with Google, the cross-platform tracking solution logs contact with anonymized Bluetooth beacons and, paired with a voluntary alert system, notifies users to recent interactions with participants who report contraction of COVID-19. Public health agencies developing contact tracing apps can build on the latticework as Apple and Google work to bake Exposure Notification assets into their respective iOS and Android operating systems.
Leveraging an unspecified zero-day kernel exploit discovered by researcher "pwn2ownd," version 5.0 of "unc0ver" is capable of jailbreaking "every signed iOS version on every device," the "unc0ver Team" said in a tweet.
According to the group's webpage, the upcoming "unc0ver" iteration supports Apple-signed iOS releases from iOS 11 through iOS 13.5.
In August 2019, pwn2ownd released a version of unc0ver effective on devices running then-current iOS versions after Apple mistakenly unpatched a critical vulnerability in iOS 12.4. The first publicly available jailbreak to see wide distribution in years, unc0ver was neutralized with a subsequent fix issued in September. That same month, hacker "axi0mX" unveiled a tethered jailbreak for iOS 13.1.1 utilizing the Checkm8 exploit.
Jailbreaks are commonly used to escape Apple's "sandbox," granting access to hardware and software features not accessible by users under normal circumstances. The jailbreak community thrived in the early days of iOS thanks in part to Apple's iron fist implementation of iOS, but the technique slowly fell out of favor as the platform matured, gaining official customization options and app affordances.
Today's jailbreak news arrives just hours after Apple issued iOS 13.5 with a number of new features and user experience tweaks designed to cope with the ongoing coronavirus pandemic. For example, devices with Face ID authentication will automatically display a manual passcode verification prompt when a face mask is detected.
Apple's latest iOS version also includes the first public release of the company's Exposure Notification API. Developed in partnership with Google, the cross-platform tracking solution logs contact with anonymized Bluetooth beacons and, paired with a voluntary alert system, notifies users to recent interactions with participants who report contraction of COVID-19. Public health agencies developing contact tracing apps can build on the latticework as Apple and Google work to bake Exposure Notification assets into their respective iOS and Android operating systems.
Comments
Hopefully when this is released Apple is the first to download and reverse engineer it... and squash it.
The last time I jail-broke an iPhone was the first gen. iPhone when I got the iPhone 3G. The main purpose was to record video. I also downloaded the "I Am Rich" app on that via the jail-break.
The necessity of jail-breaking is now less for the average user, but I can see how it makes for a nice hobby to the tech enthusiasts.
As for the necessity of jail breaking, people tend to forget that key features like recording videos and using your phone as a WiFi hotspot for your laptop didn't exist in the first couple of releases of iOS. But I agree that nowadays there's no real reason to do it aside from technical curiosity.
I know there’s a recent story reference here, but I’m not able to recall what it is...
another hint?
iOS caught up in features eventually, stopping my personal need for jailbreaking. I’ve had non-jalibroken iPhones for years, and was happy with them. Until now that is..
I’m definitely jailbreaking my SE(2020). For one purpose only. I want to use Haptic Touch for notifications again.
It’s a ridiculous choice, if not misstep, to leave out this key function in a perfectly capable device. In my opinion, with doing so, Apple is bullying SE owners for spending a little less on a phone.
So yes, jailbreak it shall be.
razorpit said: iOS security is totally rotten nowadays. It’s wide open. In fact, you can almost feel a draft coming out that ancient Lightning port.
They can, and probably will, patch this particular zero day exploit. But there’s 100s of exploits waiting after this one, no doubt. Stop being naive and wake up: Apple has lost this battle and will not recover without building a completely new OS from the ground up, which they won’t.