Ever since a kernel-level exploit for iPhones and iPads running iOS & iPadOS 15.0-15.1.1 officially dropped, major players in the jailbreak community have been looking into the feasibility of incorporating it into a public jailbreak. Odyssey Team lead developer CoolStar was among the first to publicly acknowledge this, but they also warned that changes made under the hood would make jailbreaking later firmware on A12 and newer devices more of a challenge.
Late last night, CoolStar took to the Sileo / Taurine / Odyssey Discord channel to further elaborate on the details, and this time, they broke it down for us on a per-device basis so that it would be easier to understand the new challenges posed by Apple’s aggressive security mitigations.
The breakdown further confirmed that A9-A11-equipped iPhones and iPads should be fairly straightforward to jailbreak on all versions of iOS & iPadOS 15. These devices are not only susceptible to the iOS & iPadOS 15.0-15.1.1 exploit, but also to the bootrom exploit-based checkra1n jailbreak that is currently being worked on with respect to iOS & iPadOS 15 support. The only caveat here is that semi-untethered jailbreaks on iOS & iPadOS 15 will need to be rootless.
We can also gather that an iOS & iPadOS 15.0-15.1.1 jailbreak should be feasible on A12 and newer handsets, but making it work will require what’s known as a sandbox escape. This is effectively a fancy name for an exploit that lets code running inside a sandboxed process break out and run well outside the restrictions that the sandbox was intended to enforce.
Where things get trickier is with respect to iOS & iPadOS 15.2 and later on A12 and newer handsets. While we don’t currently have a viable exploit to support this firmware, CoolStar did warn that additional changes made by Apple will make jailbreaking this combination of firmware (15.2 and later) and hardware (A12 and newer) much more of a challenge.
This is because ‘setuid’ no longer works, so jailbreaks will purportedly require a userland bug just to get code execution as root at minimum. As a result, things like sudo and even Sileo will not work properly and will require significant updates even if a jailbreak can be accomplished on such devices. Once again, this only refers to iOS & iPadOS 15.2 and later on A12 and newer devices, as the same firmware on A9-A11 devices shouldn’t require as much effort to jailbreak.
Because of how Apple appears to be closing in on the jailbreak methods that many of us have become so accustomed to over the years, CoolStar goes on to call for government action to combat Apple’s aggressive stance on antitrust and right-to-repair grounds. While they acknowledge that these security mechanisms are good for keeping a user’s device safe, the device’s end user ultimately shouldn’t need to ‘hack’ their device to customize it how they wish.
We tend to agree with CoolStar’s synopsis here. Apple continues to steamroll over users’ growing calls for user choice on its platforms, while simultaneously upsetting developers with its anti-competitive practices. Examples include Apple’s firm stance against native sideloading capabilities and the high commissions developers pay to sell apps via the App Store. With customization, Apple tends to take a “we know best” approach, drowning out its users’ desires.
While it’s unfortunate to learn that newer Apple devices such as the iPhone XS and later will require additional and more complex steps to achieve a jailbreak on iOS or iPadOS 15, this wasn’t unexpected. Apple continues to make its devices more secure, but it’s important to remember in these trying times that higher security doesn’t mean “hack proof.”
Just yesterday, a /r/jailbreak user started (and later closed) a bounty in an effort to help motivate jailbreak developers to work on a public jailbreak for iOS & iPadOS 15. After gaining more than $5,200 in support, the user decided instead to include direct donation links to the Patreon pages of Odyssey Team lead developer CoolStar and unc0ver team lead developer Pwn20wnd.
How do you feel regarding CoolStar’s latest comments about jailbreaking iOS & iPadOS 15? Be sure to discuss in the comments section down below.