Last September, talented hacker and security researcher iBSparkes made headlines after becoming one of the first to crack the A13-equipped iPhone 11 Pro lineup with a working tfp0 exploit.
Just this afternoon, however, the jailbreak community was touched with an ounce of déjà vu after iBSparkes Tweeted a teaser of what appeared to be successful pwnage of Apple’s shiny new A14-equipped iPhone 12 lineup.
Whether you have an iPhone or another smartphone of a different make and model, one thing we all probably have in common is that someone has attempted to guess our handset’s passcode when we weren’t looking.
The horrible and sad truth is: nosy people exist; but the good news is that anyone with a jailbroken iPhone can now use a newly released and free jailbreak tweak called ToldYou by iOS developer Huseyin Kabasakal to strike back at these nosy people in a somewhat humorous way.
It wasn’t long after the checkm8 bootrom exploit gave rise to the checkra1n jailbreak tool that clever hackers learned how they could use the same exploit (along with other hacks) to tamper with the proprietary T2 chip embedded in a bevy of modern Macs. In fact, the checkra1n jailbreak tool’s most recent update even added support for the T2 chip in Macs for interested tinkerers.
Despite how incredible the aforementioned circumstances sounded to jailbreak enthusiasts at first glance, those on the other side of the fence quickly began wondering about the implications this might have for the security of Apple’s most popular computers. Now, we may finally have some idea thanks to information published by the t8012 Development Team.
There’s a lot going on in the jailbreak community as of right now. Not only is the checkra1n team actively attempting to jailbreak iOS & iPadOS 14 on many more devices, but hacker and security researcher @08Tc3wBB may also soon share details about an exploit viable for jailbreaking iOS & iPadOS 13.7 (the last versions of Apple’s previous-generation mobile operating systems).
If you find yourself more interested in the latter tidbit, which is likely the case if you stayed on the lowest possible firmware after iOS & iPadOS 14 got released, then you might be ecstatic to learn that @08Tc3wBB will present his latest research with security group ZecOps at the Black Hat Europe 2020 event.
Apple has a bug bounty program in place, including a public one it launched last year. This means Apple will pay out money to individuals and groups who discover vulnerabilities in its software, from iOS to macOS.
Google has outlined a new feature, coming to iOS soon, that will notify you in case of a major security issue with your Google account no matter what Google app you’re using at the time.
The only iOS & iPadOS 14 devices that can be publicly jailbroken at the time of this writing are those sporting A9 and A9X processors, and while that could change in the very near future as the checkra1n team works on adding A10 and A10X support, the bigger question involves the likes of much newer devices that aren’t even susceptible to the checkm8 bootrom exploit.
Fortunately, renowned hacker and checkra1n team member Luca Todesco shared a particularly interesting announcement via Twitter Monday afternoon in the form of what appears to be a working exploit and PAC bypass for iOS & iPadOS 14 devices:
There’s a certain stigma surrounding jailbreaking and iOS & iPadOS 14 right about now, and all of it stems from the fact that Apple made its latest and greatest mobile operating systems a lot tougher to crack. But tougher doesn’t mean impossible, and that’s a fact, Jack.
With that in mind, it seemed appropriate to follow up with our optimistic attitude following Brandon Azad’s eye-tearing departure from Project Zero with a bit of good news: software security research group ABC Research appears willing to release an iOS & iPadOS 14-compatible exploit to the general public, assuming certain criteria are met…
The jailbreak community lost a valuable asset on Friday as renowned hacker and security researcher Brandon Azad, known for his involvement with Project Zero and for his work in discovering tfp0 exploits for iOS and iPadOS alike, was hired by Apple.
Azad made the shocking announcement Monday afternoon via Twitter, noting that the bittersweet transition to Apple’s side of the security research fence would begin as soon as next week:
Just last month, hacker and iOS security researcher @08Tc3wBB teased a new exploit that would potentially be viable on iOS and iPadOS 13.6.1. One month later, A.K.A. just two weeks ago, @08Tc3wBB made it known that iOS and iPadOS 13.7 were both vulnerable to this very same exploit. Now, it seems we have confirmation that the exploit would be released for the benefit of the jailbreak community.
In a post shared to /r/jailbreak late last night, @FCE365 (also known as GeoSn0w) appears to question @08Tc3wBB in a direct message about their plans to release the exploit. While we’ve known for some time that @08Tc3wBB planned to release the exploit to the general public at some point, the message reveals the first ever confirmation that it would be shared directly with unc0ver jailbreak lead developer Pwn20wnd:
iOS and iPadOS 14 have only been out for one week, but that hasn’t stopped jailbreak hopefuls for questioning when a universal jailbreak might launch with support for the two. Although the checkra1n team recently announced iOS and iPadOS 14 support for A9 and A9X devices with expected support for A10 and A10X in coming weeks, any and all newer devices are left out in the cold in this regard.
While no jailbreak team has outright stated that they would be taking on the burden of developing a universal iOS and iPadOS 14 jailbreak, some good news is that @ZecOps could be preparing to release a kernel-level local privilege escalation (LPE) that supports iOS and iPadOS 14. The announcement was shared via Twitter just this Wednesday afternoon:
With Apple dropping software updates for its iPhones and iPads as frequently as they do nowadays, it’s particularly exciting when a hacker claims that they’ve pwned one of the company’s latest versions of iOS and/or iPadOS.
The most recent announcement to shake things up came by way of hacker @08Tc3wBB last month in the form of a new exploit for iOS 13.6.1 that allegedly used a different method to achieve its ends than the more traditional tfp0 method that we see in modern jailbreaks like Odyssey and unc0ver. On Monday, the same hacker appeared to validate that the newer iOS 13.7 would be vulnerable to jailbreak-centric exploitation: