iOS

Tihmstar opts not to release standalone exploit, instead says “something cool coming”

Matrix code hacked iPhone.

There was no shortage of exciting jailbreak-centric news this past week, but perhaps the most captivating tidbit of all was the announcement that tihmstar was tinkering with an exploit that could hack a subset of devices running iOS 11.2.6-11.4.1 – specifically those with headphone jacks.

It didn’t take long after the initial announcement for tihmstar to share that he had achieved tpf0, which permits arbitrary reads and writes to a device’s kernel memory. On the other hand, a pair of Tweets shared just weekend shed new light on the hacker’s intentions involving said exploit:

Tihmstar achieves tfp0 exploit on iOS 11.4-11.4.1, jailbreaks could soon adopt support

Just yesterday, we reported that hacking guru tihmstar was tinkering with an exploit targeting a subset of iOS 11.4 and 11.4.1 devices that sported headphone jacks. At the time, tihmstar only had kernel read access but was still working on kernel offsets and write access.

But those tides have changed as of Friday. tihmstar has taken to Twitter to announce that he achieved tfp0:

S0rryMybad could release an iOS 12 exploit after Apple patches it in a software update

Matrix code hacked iPhone.

Apple first released iOS 12 in mid-September, and it’s seen a host of revisions over the last four months. Despite the continuous fortification of Apple’s mobile operating system, there’s been no shortage of bug and exploit reports encompassing iOS 12.

One of the latest announcements comes by way of security researcher @S0rryMybad, who appears to have happened upon a powerful exploit impacting iOS 12.1.2 and below on pre-A12 devices. But perhaps more importantly, the exploit can allegedly provide tfp0 on Apple’s latest mobile operating system:

Saurik warns against using Cydia Impactor alternative ‘AppSigner,’ says it’s unsafe

If you’ve ever used a semi-tethered jailbreak before, then you should be familiar with Cydia Impactor. Saurik (Jay Freeman) created this multi-platform application to let you side-load apps on your iPhone or iPad, especially of the jailbreak flavor, such as Electra and unc0ver.

Recently, a web-based alternative to Cydia Impactor called AppSigner received some public attention on /r/jailbreak, and as you might come to expect, prominent members of the jailbreak community are speaking up to explain why you should not use it.

PSA: There’s a fake iOS 12 jailbreak in the wild, stay away from it

While most of us are celebrating New Year’s Day the old-fashioned way, others are taking full advantage of the holiday to propagate nefarious activities. As it would seem, a fake iOS 12 jailbreak is being tossed around in the wild.

Hacker and unc0ver lead developer Pwn20wnd hopped on Twitter early Tuesday morning to dismiss any confusion concerning the new of the fake iOS 12 jailbreak:

HiddenAlbumLock requires authentication to view the ‘Hidden’ album in your Photos app

Photos App Icon iOS

You can hide images from the Camera Roll in iOS’ native Photos app to prevent them from appearing in your image list, but hidden images are quickly discovered by prying eyes when someone holding your iPhone opens the “Hidden” album in the Photos app.

If you wish Apple took better care of your Hidden images, then you might enjoy a new free jailbreak tweak called HiddenAlbumLock by iOS developer smokin1337. Just as the name implies, this tweak locks the Hidden album and requires authentication to unlock it for viewing.

NoLowPowerAutoLock disables the 30-second auto-lock when Low Power Mode is turned on

iPhone owners can use the included Low Power Mode to save battery life on their iPhone in a pinch, and while it can be useful, I don’t particularly care for how it forces a 30-second auto-lock down your throat.

Apple doesn’t give you a way to increase the auto-lock timeout on a stock device with Low Power Mode enabled, but jailbreakers can take advantage of a free jailbreak tweak called NoLowPowerAutoLock by iOS developer SparkDev to command differently.

In response to serious bug, Saurik disables purchases in Cydia Store

Saurik (Jay Freeman) was forced to make a tough decision involving the Cydia Store on Thursday after receiving troubling news from concerned developers in the jailbreak community.

As it would seem, a severe bug discovered in the platform by Andy Wiik could have enabled arbitrary Cydia Store package purchases via users’ PayPal accounts if they were logged into a Cydia account with a linked PayPal account and browsing potentially malicious third-party repositories in the app.

Security researcher Jann Horn publishes a privilege escalation bug that was fixed in iOS 12.1.1

Matrix code hacked iPhone.

Given everything that’s been happening in the security research space lately, iOS 12 appears to be far from non-exploitable. On the other hand, bugs, exploits, and vulnerabilities for Apple’s latest and greatest operating just keep rolling in with each passing day, and this could potentially be great news for the jailbreak community.

The latest of such occurrences involves a privilege escalation bug for iOS 12.1 and earlier by Jann Horn of Google Project Zero. The security researcher published his notes online regarding the bug Monday afternoon, just five days after Apple publicly released iOS 12.1.1 to patch the bug, along with several others.

Linus Henze releases Safari-centric exploit targeting iOS 12.1 and earlier

Matrix code hacked iPhone.

It was only a few days ago that we learned about a sandbox escape PoC for iOS 12.0-12.0.1, and while it was just a proof of concept, there’s always the potential that a talented hacker could make use of it for future endeavors; perhaps even jailbreak development.

Fortunately, that’s not the only iOS 12-centric vulnerability floating around in the wild these days. As it would seem, a Safari-based exploit targeting iOS 12.1 and below (and macOS 10.14.1 and below) was also released this week by iOS tinkerer Linus Henze.

Powerful sandbox escape PoC for iOS 12.0-12.0.1 released

Matrix code hacked iPhone.

While there’s no official confirmation of any individual or team of people working on a public iOS 12 jailbreak, it seems that we could be one step closer as of Tuesday.

Citing a post published on /r/jailbreak, it appears that a powerful sandbox escape proof of concept for iOS 12.0-12.0.1 has been released, fueling speculation that a public jailbreak tool could be crafted in the future with support for Apple’s latest and greatest mobile operating system. Notably, the exploit is patched in iOS 12.1.

Apple stops signing iOS 12.0.1, hindering downgrades from iOS 12.1

Apple stopped signing iOS 12.0.1 on Tuesday, a move that prevents all iPhone and iPad users from downgrading their firmware via iTunes to any version lower than iOS 12.1.

It’s been almost one full month since Apple publicly released iOS 12.1, signaling one of the Cupertino-based company’s longest firmware signing windows in recent memory; most windows only last for about two weeks.