Mobile virtualisation company Corellium has released a version of Android that runs on certain iPhones, by using a so-called jailbreak, a vulnerability that bypasses Apple's strict software and security restrictions on devices.
Known as Project Sandcastle, Corellium's Android version is released as beta software that has only received limited testing, and users are warned to be cautious when installing it.
The jailbreak that Sandcastle is based on is the Checkra1n exploit that was discovered in September last year and the PongoKit software development kit and PongoOS operating system.
By using Checkra1n, it is possible to bypass Apple's boot read-only memory protections run a copy of Google's Android mobile operating system in memory on iPhones.
Sandcastle does not persist on the device, and users can return to iOS by rebooting their iPhones.
Presently, only iPhone 7 and 7+ that appeared in 2016 are supported by Sandcastle, along with iPod 7G.
Sandcastle can't make use of the graphics processor on iPhone 7s, or the audio circuitry and camera.
Nor do cellular and Bluetooth connections work yet, but WiFi runs, making it possible to over-the-top apps such as Signal for calls and messaging.
A Linux build of Sandcastle is also available, and Corellium has released the source code for the software on Github.
Corellium's work on iPhone virtualisation has been noticed by Apple, which has taken the company to court, alleging that developing software that can be used to jailbreak devices violates the trafficking provisions in the United States Digital Millennium Copyright Act (DMCA).
