Back in the earlier days of iPhones, ‘jailbreaking’ happened quite regularly, where hackers would ‘jailbreak’ into the smartphone to download apps that weren’t available through the App Store.
Since the App Store’s options have grown substantially, jailbreaking appeared to be more and more a thing of the past.
However, just last month, new security research has revealed the first free iPhone jailbreak in years. And it could make jailbreaking permanent on iPhones 4S, iPhones X, and iPhones 8/Plus.
RELATED: APPLE’S IPHONE 11 IS ALL ABOUT THE CAMERA
What exactly is going on with this jailbreak?
Twitter user axi0mX was the person who unveiled the bootrom, named checkm8 — pronounced ‘checkmate’ — which is what makes the jailbreak possible.
EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG— axi0mX (@axi0mX) September 27, 2019
Bootrom exploits use vulnerabilities in iOS codes to their advantage, as explained by The Verge. Devices use these codes to load when they boot into gear. As it is read-only memory (ROM), it is permanent. This means that Apple can’t override it through a software update, and in other words, it means this new exploit is unpatchable.
Now, this isn’t to say everyone with an iPhone ranging from the iPhone 4S to the iPhone X will undergo this jailbreaking. Moreover, the exploit can only work through physical access to the smartphone through a USB.
Even though hundreds of millions of iPhone users may be at risk, it’s highly unlikely that many will be affected. As it stands, there has been no news of any jailbreaking through checkm8.
HACKED! Verbose booting iPhone X looks pretty cool. Starting in DFU Mode, it took 2 seconds to jailbreak it with checkm8, and then I made it automatically boot from NAND with patches for verbose boot. Latest iOS 13.1.1, and no need to upload any images. Thanks @qwertyoruiopz pic.twitter.com/4fyOx3G7E0— axi0mX (@axi0mX) September 29, 2019
Naturally, as with all technological advancements, this may change, and in the future, there may be no need for a USB to access the phones. This, in turn, could leave millions of devices vulnerable.
Source: Interesting Engineering