iOS 9 security & jailbreaking: there’s no such thing as impossible

iOS 9 Jailbreak Cydia

Recent reports are claiming that Apple’s upcoming iOS update—iOS 9—will make it more difficult to jailbreak iPhones and iPads going forward. Some are even stating that it will be nearly impossible to jailbreak an iPhone running iOS 9.

The reason? Rootless—the kernel-level security feature that was discussed earlier today. This new feature is said to prevent malware, increase the safety of extensions and preserve the security of sensitive data.

When it’s all said and done, Apple’s security efforts in iOS 9 appear to be its most prolific since iOS 5. It could make it more of a challenge for jailbreakers and hackers.

But impossible? There’s nothing that’s impossible when it comes to security. More difficult? Perhaps. More challenging? Maybe. But impossible?

History

Consider this: every single major version of iOS (it was called iPhone OS back in the version 1-3 days) has been jailbroken since the iPhone debuted. Every. Single. One. And that’s not due to a lack of effort by Apple to thwart jailbreakers.

Now consider this: The last three kernel exploits didn’t even use root. In fact, the last public jailbreak that used a root kernel exploit was evasi0n7, back in the winter of 2013.

If there’s one thing that we’ve learned over the past eight years, it’s that hackers love a good challenge. In fact, I’m sure that many of them are salivating at the idea of pulling off the so-called impossible.

It reminds me of the outrage that occurred when Apple implemented ASLR—a security technique that makes it more difficult to jump to a particular exploited function in memory—in iOS 4.3. Did jailbreaking suddenly stop after iOS 4.3? No, it kept going.

Did jailbreaking come to a halt due to lack of interest when Apple released iOS 5 with tons of new security fixes and features that were only once possible with a jailbreak? Nope.

Will jailbreaking suddenly die with iOS 9? Color me skeptical.

Potential issues

The one negative impact that could stem from this initiative has to do with apps that run as root. The most popular app, from a jailbreaking standpoint, that runs as root is Cydia.

Cydia always runs as root, so if root can’t be somehow restored, it may be an issue saurik will need to address. Other apps, like iFile, also run as root.

Motivation

The last thing you want to tell a group of determined hackers is that something can’t be compromised. That’s motivation folks; the sort of thing that hackers thrive on.

Long before the promise of riches became motivation for hackers and security researchers, it was the idea of doing the impossible that drove them to go the extra mile.

Speaking of money, jailbreaking is a big business. Sure, the iPhone business as a whole dwarfs the jailbreaking business a gazillion times over, but the money that’s to be made from jailbreaking is still nothing for us regular folks to scoff at.

And just the idea of making a large subset of users happy and obtaining legendary status (see: George Hotz) may be motivation enough to drive some hackers. The jailbreak community is large. Celebrities jailbreak, your mom might jailbreak. This isn’t some super-obscure subset of users. Lots of people jailbreak. Being revered by all of those people might motivate some.

But forget the money and forget the users.

Nothing beats doing something that you’re told can’t be done. Nothing.

If anyone thinks that this new technology—if it indeed comes to fruition in iOS 9—will make hacking an iPhone impossible, then I’ve got news for you.

Big thanks to @iH8sn0w for helping out and addressing some of these issues with me.