Tihmstar’s libpatchfinder project finds iOS 16 offsets as kfd project permits kernel read/write up to iOS 16.5

Over the weekend, we told you about an ambitious project called kernel file descriptor (or kfd for short) that would help jailbreak developers achieve kernel read and write privileges on firmware up to and including iOS & iPadOS 16.5.


This week, hacker and developer tihmstar tweeted an update about their project called libpatchfinder, which can make finding offsets on iOS & iPadOS 16 easier for anyone who attempts to make a jailbreak.

Tihmstar tweets about libpatchfinder in time for kfd.

Exploits need the correct offsets before they can be put to use in a jailbreak, which is why this matters.

According to Dopamine lead developer Lars Fröder, we’re just a Pointer Protection Layer (PPL) bypass away from having everything we need to jailbreak firmware up to and including iOS & iPadOS 16.5. At this time, a PPL bypass isn’t yet available for these versions.

Fröder also said he doesn’t plan to work on an iOS & iPadOS 16 jailbreak, but didn’t rule it out either. Instead, he said he wouldn’t make announcements about one, likely a consequence of how Dopamine was open-sourced and the beta leaked before it was intended to be made publicly available.

Many people are now weighing whether they should DelayOTA to iOS or iPadOS 16.5 from an older firmware. That is a tough call, because ordinarily you want to stay on the lowest possible firmware until a jailbreak comes out. But now that there is a way to achieve kernel read and write on firmware as new as iOS & iPadOS 16.5, we’ll try to spell out our recommendation below.

If you’re already jailbroken, especially on a TrollStore-supported firmware with Dopamine, then we recommend staying where you are and keeping your existing jailbreak. If you’re not yet jailbroken, and are waiting for a jailbreak on iOS or iPadOS 16, then you have the option to use the DelayOTA method to upgrade to iOS or iPadOS 16.5 right now and for quite a while longer.

Also see: How to DelayOTA update non-jailbroken iPhones and iPads

The DelayOTA method lets you upgrade to an unsigned firmware up to 90 days after Apple stops signing it, and since it was only just unsigned at the end of June, you still have around two more months to wait and see what happens with kfd and whether a PPL bypass comes out.

All of this adds to the high hopes that someone will take on a jailbreak.

As more information surfaces about exploits, bypasses, and everything in between, we will keep you apprised. It will be interesting to see what materializes from all of this, so keep it tuned to iDB for the latest updates as they happen.