iOS

New tfp0 POC encompasses iOS 12.4.1 & 12.4.2 on ‘all iOS devices since A12’

Matrix code hacked iPhone.

Good news for jailbreak hopefuls who aren’t presently able to take advantage of the brand-new checkra1n tool due to having too new of a device: there’s a new tfp0 proof-of-concept in town.

Citing a blog post first shared by Twitter user @ZecOps this Thanksgiving, the new tfp0 POC affects iOS 12.4.1 and 12.4.2, and this potentially opens the door for existing semi-untethered jailbreaks like Chimera and unc0ver to implement support for two new versions of iOS on all iOS devices since the A12(X) variety:

Luca Todesco talks at POC2019, reveals checkra1n team identities and plans

If you’ve been following the development of the checkm8-based checkra1n jailbreak all this time, then you’ll be excited to hear that one of the project’s most vocal developers, Luca Todesco, took the stage at POC2019 in Seoul, South Korea to discuss the jailbreak and reveal particularly captivating details about the checkra1n team’s members, long-term plans, and more.

Todesco entitled his Keynote presentation “The One Weird Trick SecureROM Hates,” and from what we can gather, the checkra1n team is comprised of the following members, many of which might be familiar to veteran jailbreakers:

Protect your identity on the internet like never before with Guardian Firewall

A VPN (Virtual Private Network) is often your best bet when you want to browse the internet privately. Not only do most VPNs offer end-to-end encryption for secure data transmission, but they will also cloak your true location from prying eyes.

Many VPN services work in the same way, but Guardian Firewall by Sudo Security Group is a completely different type of VPN that aims to clamp down on user privacy even further by filtering outgoing data transmissions that could potentially expose personal information about you.

Security researcher Umang Raghuvanshi open-sources Sock Puppet 3 exploit for iOS 12.4

Matrix code hacked iPhone.

Unless you’ve been living under a rock, you’ve undoubtedly witnessed the staggered inclusion of support for iOS 12.4 in the Electra Team’s Chimera jailbreak tool and Pwn20wnd’s unc0ver jailbreak tweak over the course of the past month. This feat was made possible with a revised version of the Sock Puppet exploit dubbed Sock Puppet 3 by security researcher Umang Raghuvanshi (@umanghere).

From what we can gather, today (Sunday, September 8th) is Raghuvanshi’s Birthday, and the lad has opted to celebrate his special day by open sourcing the Sock Puppet 3 exploit to the general public, a move that he hopes will contribute to even more great works in the community:

Luca Todesco flexes hacking skills on iOS 13 beta 8 and iOS 13.1 beta 1

Anyone familiar with the jailbreak scene knows that Luca Todesco sports l33t hacking skills, but the security researcher reaffirmed those skills this week after sharing a demonstration video of what appears to be a hacked iPhone X-style device running the eighth developer beta of iOS 13.

The video, embedded below for your viewing pleasure, showcases what appears to be a WebKit-based software bug at work:

Apple sues mobile device virtualization company Corellium, cites ‘copyright infringement’

Apple’s legal team filed a lawsuit against mobile device virtualization company Corellium LLC this week for purported “copyright infringement,” citing that Corellium’s business model “is based entirely on commercializing the illegal replication of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other Apple devices.”

Corellium’s services are a valuable asset to security researchers because they enable deployment of Apple’s mobile operating system in a virtualized environment. With such a tool, hackers can research iOS vulnerabilities, and in the case of unc0ver lead developer Pwn20wnd, it can even help with jailbreak tool development by ensuring stability across all device and firmware combinations.

New concept reimagines the process of changing a jailbroken handset’s root password

Anytime you jailbreak an iOS device, one of the first things you’re ever advised to do is change your handset’s root password, which is commonly used to access elevated privileges in mobile terminal when entering complex commands. The password is always “alpine” out of the box, but users can change this to almost anything they want to increase their handset's security from a commonly-known password.

As imperative as changing the root password may be, many jailbreakers either forget to do so or shrug off its importance. For that reason, we’re particularly fond of a sleek concept that was shared to /r/jailbreak over the weekend that rethinks the way jailbreakers will interact with their root password after jailbreaking their handset for the first time.

PSA: Jailbreakers and aspiring jailbreakers should not install iOS 12.4

After a lengthy beta test period, Apple finally released iOS 12.4 to the public on Monday for iPhones, iPads, and iPod touches alike.

While it can sometimes be tempting to updates to the latest version of iOS to take advantage of the latest new features, performance improvements, and security patches, jailbreakers and aspiring jailbreakers to be will want to steer far away from installing today’s software update.

LastUnlock displays the last time your iPhone was unlocked on the Lock screen

If you have a jailbroken handset in your possession and you’re paranoid that someone might know your passcode and that they might be logging into your device when you aren’t looking, then you just might come to appreciate a newly-released and free jailbreak tweak dubbed LastUnlock by iOS developer Smokin1337.

As indicated by the screenshot example above, LastUnlock records the most recent date and time that your handset was unlocked (whether it was by you or someone else) and displays it on the Lock screen where the ‘press Home to unlock’ or ‘swipe up to unlock’ text would typically appear.