Exploit

Hacker teases successful jailbreak on third iOS 13.3.1 beta

Anthony Bouchard ∙ January 27, 2020

It’s no secret that the checkra1n jailbreak tool the jailbreak community by storm. But despite being unfixable by Apple, it’s still always comforting to see a newfangled jailbreak demonstration, especially when it happens on Apple’s latest firmware and when checkra1n isn’t the method of pwnage.

A Tweet with an embedded video demonstration shared Monday afternoon by Twitter user @08Tc3wBB appears to demonstrate an iPhone X on iOS 13.3.1 beta 3 being jailbroken with the assistance of an unknown side-loaded jailbreak app.

Hacker iBSparkes achieves tfp0 on A13 with iOS 13.3

Anthony Bouchard ∙ December 22, 2019

The jailbreak community has been on fire these past few months, with checkra1n delivering an un-patchable jailbreak experience for handsets ranging from the iPhone 5s to the iPhone X, and with unc0ver picking up support for iOS 12.4.1. But hey, why let the pwnage stop there?

Renowned hacker and iOS security researcher iBSparkes broke the silence this weekend after sharing a teaser of what appears to be successful tfp0 on a brand-new A13 device running iOS 13.3. Yes indeed folks, that’s both Apple’s latest hardware and software – pwned in one fell swoop. Not too shabby!

Newly teased tfp0 bug supports iOS 13.3 and A12/A13 devices

Anthony Bouchard ∙ December 20, 2019

It’s always exciting for the jailbreak community when someone comes forward with a brand-new bug that could potentially enable exploitation for jailbreaking newer devices and versions of iOS. After all, Apple tries very hard to keep iOS bug-free and quickly patches anything that even smells jailbreakable.

With that in mind, a newly-teased ‘tfp0’ bug shared first by @08Tc3wBB and later validated by security researcher @RazMashat would appear to be compatible with Apple’s latest and greatest iOS 13.3 firmware on handsets up to and including the A13 variety. Indeed; even the iPhone 11 Pro platform seems to be vulnerable:

Apple offers up to $1.5 million payout for security exploits

Peter Cohen ∙ December 20, 2019

Apple has announced the expansion of the scope and the payouts of its security bounty program. After first making the program invite-only, it now encourages all security researchers to participate. What's more, researchers that discover heretofore unknown exploits in Apple operating systems and services can earn up to $1.5 million, a huge bump from the previous $200,000 cap.

Checkra1n v0.9.7 adds support for iOS 13.3 and integrates bug fixes

Anthony Bouchard ∙ Updated May 27, 2020

The checkra1n team is out with a brand-new update for the macOS-centric checkra1n jailbreak tool Saturday morning with official support for Apple’s newly-released iOS 13.3 and several bug fixes and improvements.

The checkra1n team shared news of the latest public beta, dubbed v0.9.7 via Twitter just this morning:

New tfp0 POC encompasses iOS 12.4.1 & 12.4.2 on ‘all iOS devices since A12’

Anthony Bouchard ∙ November 28, 2019

Good news for jailbreak hopefuls who aren’t presently able to take advantage of the brand-new checkra1n tool due to having too new of a device: there’s a new tfp0 proof-of-concept in town.

Citing a blog post first shared by Twitter user @ZecOps this Thanksgiving, the new tfp0 POC affects iOS 12.4.1 and 12.4.2, and this potentially opens the door for existing semi-untethered jailbreaks like Chimera and unc0ver to implement support for two new versions of iOS on all iOS devices since the A12(X) variety:

Understanding untethered, semi-untethered, semi-tethered, and tethered jailbreaks

Anthony Bouchard ∙ November 21, 2019

If you’ve been poking around in the jailbreak community for as long as I have, then you’ve undoubtedly witnessed a plethora of different jailbreak types. Among the most popular in this community are untethered, semi-untethered, semi-tethered, and tethered, each of which exhibit different attributes that every jailbreaker should be aware of.

We understand that some are new to jailbreaking, but even those who’ve been around as long as I have might have some confusion between the different types. For this reason, we’ve compiled a quick guide to help everyone understand what each of these different jailbreaks are and how they behave.

Lasers can control Siri and other voice assistants: Researchers

Peter Cohen ∙ November 5, 2019

Researchers in Japan and the United States announced they'd found a way to hijack voice assistants including Google Home, Amazon Alexa and Siri using lasers and other focused beams of light, according to a report in the New York Times.

Pwn20wnd issues advice for potential jailbreakers using A12(X) and A13 devices

Anthony Bouchard ∙ November 3, 2019

Things have been getting very real in the jailbreak community in the past several weeks. One of the most significant tidbits of news has been the development of the A5-A11-based checkra1n jailbreak by Luca Todesco and others, which rides on the back of a brand-new bootrom exploit from @axi0mX called checkm8. But the captivation isn’t stopping there.

With all the exciting information (and drama) that we’ve seen recently, one might be inclined to say it’s breath of fresh air to see unc0ver jailbreak lead developer Pwn20wnd touting potential work on something new. The hacker took to Twitter Sunday morning to share pertinent information for A12(X) and A13 device users who might be in the market for a jailbreak:

New teaser shows checkra1n jailbreak running Cydia and Zebra

Anthony Bouchard ∙ October 27, 2019

With a resource as powerful as @axi0mX’s checkm8 bootrom exploit floating around in the wild, it’s should come as no surprise to anyone that prominent members of the jailbreak community are actively working on tools that take advantage of it. One of the most significant of those is checkra1n, a project that is currently being spearheaded by renowned hacker and Yalu jailbreak lead developer Luca Todesco.

It’s been a little over a week since we last heard anything new about checkra1n, but based on what we saw at the time, it would seem things are falling into place quite nicely. Now, a new Tweet shared Sunday afternoon by the official checkra1n Twitter page reveals what appears to be working package managers installed on an iPhone X, iPhone SE, and a seventh-generation iPod touch.

Luca Todesco teases progress on checkra1n, a checkm8-based jailbreak

Anthony Bouchard ∙ October 19, 2019

Just over a week ago, well-respected hacker and security researcher Luca Todesco took to Twitter to tease an all-new custom boot logo and frame buffer concept for checkra1n, a purported jailbreak utility that would be based on the recently-released checkm8 bootrom exploit from @axi0mX. Fortunately, the teasers haven’t stopped there.

Just this weekend, the official checkra1n Twitter page teased an image of what appears to be both a seventh-generation iPod touch and an iPhone SE – each running iOS 13 – with the checkra1n jailbreak app present on the Home screen.

Luca Todesco shows off custom boot logo and frame buffer concept via checkm8 exploit

Anthony Bouchard ∙ October 10, 2019

If you’ve been paying any attention to the jailbreak community recently, then you’ve undoubtedly caught wind about the new checkm8 bootrom exploit.

Given how checkm8 is a bootrom exploit, it can’t be patched with a software update, and it works on all A5-A11 devices up to and including the iPhone X. With that in mind, it should come as no surprise to anyone that avid jailbreak developers are attempting to get their hands dirty with it.