iOS

ZecOps teases security vulnerability for iOS 14, raising hopes for a jailbreak

Matrix code hacked iPhone.

iOS and iPadOS 14 have only been out for one week, but that hasn’t stopped jailbreak hopefuls for questioning when a universal jailbreak might launch with support for the two. Although the checkra1n team recently announced iOS and iPadOS 14 support for A9 and A9X devices with expected support for A10 and A10X in coming weeks, any and all newer devices are left out in the cold in this regard.

While no jailbreak team has outright stated that they would be taking on the burden of developing a universal iOS and iPadOS 14 jailbreak, some good news is that @ZecOps could be preparing to release a kernel-level local privilege escalation (LPE) that supports iOS and iPadOS 14. The announcement was shared via Twitter just this Wednesday afternoon:

Hacker appears to claim that iOS 13.7 is vulnerable to new exploit

Matrix code hacked iPhone.

With Apple dropping software updates for its iPhones and iPads as frequently as they do nowadays, it’s particularly exciting when a hacker claims that they’ve pwned one of the company’s latest versions of iOS and/or iPadOS.

The most recent announcement to shake things up came by way of hacker @08Tc3wBB last month in the form of a new exploit for iOS 13.6.1 that allegedly used a different method to achieve its ends than the more traditional tfp0 method that we see in modern jailbreaks like Odyssey and unc0ver. On Monday, the same hacker appeared to validate that the newer iOS 13.7 would be vulnerable to jailbreak-centric exploitation:

ConfirmPasteboard enhances pasteboard privacy on jailbroken iPhones & iPads

Privacy is a growing concern these days as seemingly more and more apps try to harvest our personal data for the sake of monetary gain. What we learn from this is actually quite simple: people generally don’t like being tracked and prefer to enjoy their right to privacy.

Smartphone-centric privacy breaches happen a number of different ways, including location tracking, camera or microphone spying, and/or Photo Library snooping. But the pasteboard, which may sometimes store sensitive information if you do any copying and pasting on your iPhone or iPad, is another thing that often slips under the radar.

WiFi List lets iPhone users view previous Wi-Fi networks & their passwords

After you log into a Wi-Fi network on your iPhone, it will remember that network and connect to it automatically when in range. As you might come to expect, this means your handset keeps a database of previously used Wi-Fi networks. Unfortunately, Apple doesn’t allow users to access this information on their own devices out of the box.

If your iPhone is jailbroken, then you may be excited to learn that there’s a way around this frustrating quandary. A newly released and free jailbreak app dubbed WiFi List by iOS developer Itaybre consolidates all of your previously used Wi-Fi networks, their passwords, and more valuable information about them into one convenient place for future reference.

Newly teased exploit for iOS 13.6.1 uses different method than traditional tfp0

There’s some potentially exciting news for the jailbreak community this weekend after hacker and security researcher @08Tc3wBB teased what appears to be a newfangled approach to exploiting the latest public release of iOS on one of Apple’s current-generation iPhones.

Citing one of @08Tc3wBB’s latest Tweets, it would appear that the hacker successfully pwned an iPhone 11 Pro Max running iOS 13.6.1 without using a traditional tfp0-style exploit like those used in the majority of modern jailbreaks like Odyssey and unc0ver:

Luca Todesco teases SEPROM code execution with checkra1n

Nearing the end of last month, the Pangu Team took the stage at MOSEC 2020 to discuss a plethora of interesting topics, one of which really stood out from the rest. We’re of course talking about the unpatchable hardware based SEPROM vulnerability that targets a device’s secure enclave processor (SEP).

It wasn’t long after the SEPROM vulnerability was discovered and notes about it were published that famous hackers like Luca Todesco of the checkra1n team began tinkering with it. In fact, it was only yesterday that Todesco Tweeted some particularly eye-catching photos of checkra1n integration on an iOS device and of a T2-equipped Mac running the vulnerability as shown by the Touch Bar’s OLED display:

Prevent thieves from powering down your iPhone with LockShut

One of the first things a clever iPhone thief will do upon stealing your expensive handset is turn it off so that you can’t call it to listen for your ringtone or use its built-in GPS receiver to track it via Find My iPhone. With this sentiment in mind, it’s amazing that Apple doesn’t require additional secure steps to fully power off your device.

iOS developer Greg Rabago (Greg0109) recognized this eyebrow-raising caveat and consequently developed a new jailbreak tweak called LockShut in an effort to prevent thieves from powering down your iPhone without your permission.

Pangu Team teases unpatchable SEP vulnerability at Mosec 2020

It was a pleasant surprise waking up this morning to learn that the Pangu Team had successfully pwned iOS 14 using their own proprietary exploits and demoed it at the Mosec 2020 conference. Although this jailbreak in particular isn’t likely to be released, it shows that there’s a light at the end of the tunnel despite Apple’s ongoing efforts to snuff out jailbreaking once and for all.

But an iOS 14 jailbreak wasn’t the only thing that the Pangu Team shared during their presentation. Team member @windknown also discussed details encompassing security research with Apple’s proprietary SEP (Secure Enclave Processor) chips, which are used for storing valuable data including Face ID & Touch ID information and passcode data, among other things of utmost confidentiality.

Pangu Team demos working iOS 14 jailbreak at Mosec 2020

Apple’s upcoming iOS & iPadOS 14 software updates aren’t slated to be released until sometime this Fall, but that hasn’t stopped prominent jailbreak community hackers from getting their hands dirty with the developer pre-releases and working their usual magic.

The first example of an iOS 14 jailbreak was shared by the checkra1n team mere days after Apple teased the update at WWDC 2020, but this was expected as checkra1n utilizes a hardware-based bootrom exploit that can’t be patched with a software update. Early this morning, however, the Pangu Team took the stage at Mosec 2020 to demonstrate a working jailbreak of their own on the iOS 14 platform.