Google releases Apple iOS 'jailbreak' exploit

Proof of concept works reliably.

Google's Project Zero security researchers have taken the controversial step of releasing an exploit for iOS that can be used to build a jailbreak and allow users to run software from non-Apple sources on the devices.

The exploit is made possible by memory corruption issues in the kernel, the core program of the device's operating system.

Project Zero researcher Ian Beer said the exploit should work on all 64-bit iDevices. He has tested it on the iPhone 6s and 7, and iPod Touch 6G.

As Apple's iOS and its macOS desktop operating system are built on the same code base, the macOS kernel is also vulnerable.

The Project Zero researcher said he has tested the bug on macOS 10.13, running on a MacBook Air 5.2.

Beer said the technique for the exploit "should work reliably enough for a security research tool", claiming he had successfully used it nine out of ten times.

Google told US media that Beer's goal was to allow other security researchers to test the security of Apple's iOS without having to create their own exploits.

Apple has patched the flaw in iOS 11.2 and macOS 10.13.1, but earlier versions of the operating systems are vulnerable to the exploit.

Although the exploit was made public today, it appears to have been known amongst researchers and hackers for some time.

Chinese jailbreaker Pangu said it has known of the bug since 2016, possibly via a hacker who goes by the moniker "windknown".

Pangu claimed to have used the vulnerability to jailbreak an iPhone in an internal research environment. It has not yet released jailbreak software that takes advantage of the kernel bug in question.

Swiss hobbyist developer "Siguza" analysed, further tested and validated Pangu's proof of concept.

"Awesome bug, mad props to Ian Beer (and windknown?)," Siguza wrote.

Apple has staked its reputation for safeguarding user privacy primarily on the security of iOS devices. Exploits that bypass the company's protection measures are highly sought after, with vendors offering hundreds of thousands of dollars for them.
