iOS

Hackers demonstrate 0-day exploit on iOS 12.1 at recent Tokyo-based Pwn2Own contest

Despite the absurd amounts of time and money that Apple pours into security efforts to make iOS one of the most secure mobile operating systems available today, it seems that even iOS 12.1, the latest publicly-available firmware version on the iPhone and iPad, isn’t entirely hack-proof.

At the recent Pwn2Own contest in Tokyo, Richard Zhu and Amat Cama, a duo of white hat hackers, reportedly harnessed the power of a powerful Safari-based 0-day exploit to recover a photograph that was recently deleted from an iPhone X’s native Photos app.

Pwn20wnd releases re-written Osiris jailbreak for developers and other advanced users

iOS hacker Pwn20wnd was played an instrumental role in various iOS 11-centric projects in recent memory, including the Electra and unc0ver jailbreak tools and the Rollectra un-jailbreaking tool. As of this weekend, however, we can add the Osiris jailbreak tool to that list.

Pwn20wnd released a rewrite of the Osiris jailbreak tool for iOS 11.0-11.4 beta 3 Sunday afternoon. Osiris uses Ian Beer’s tried and true iOS 11 exploits to achieve a jailbreak on the aforementioned firmware versions, but unlike other jailbreak tools available already, it doesn’t install Cydia.

If you aren’t already jailbroken, stay on the lowest possible firmware and avoid updates

If you’re already rocking a jailbroken handset by way of Electra or unc0ver, then you should consider yourself lucky. Unfortunately, those who updated to iOS 11.4-11.4.1 or iOS 12.0+, either on purpose or by accident, can’t jailbreak at this time.

If you fall into the latter category and have been crossing your fingers for a jailbreak, then you might be asking yourself whether you should stay where you are or upgrade to iOS 12.1; that’s a question we intend to help you answer in this piece.

With iOS 12, GrayKey can no longer break iPhone passcodes

It looks like Apple might have finally gained the upper hand in its long-running battle with Atlanta, Georgia-based GrayShift, at least for now. Forbes reports the company's passcode hacking technology known as GrayKey doesn't work on devices with iOS 12 or later installed. Instead, members of the forensics community say the technology can only do a "partial extraction" on these devices. 

Apple is no longer signing iOS 12.0

On Monday, Apple stopped signing iOS 12.0, making it impossible to downgrade from iOS 12.0.1 to iOS 12.0. The move also compels those on iOS 12.0 to upgrade to iOS 12.0.1 when attempting a restore via iTunes.

The news shouldn’t come as much of a surprise since the Cupertino-based tech company released iOS 12.0.1 to the public just over two weeks ago. Apple typically stops signing firmware approximately 14 days after releasing a new version to facilitate software upgrades among its user base.

As promised, Ian Beer publicizes iOS 11.4-11.4.1-centric exploits

Matrix code hacked iPhone.

About a month ago, renowned security researcher Ian Beer announced plans to publicly release iOS 11.4-11.4.1-centric exploits as hacking focus shifted over to Apple’s newer iOS 12 release. It’s been near-radio silence since then, but as of today, those exploits are officially public.

As it would seem, Beer’s latest batch of iOS security exploits encompass the following:

Lock down your apps and improve notification privacy with PrivaSee

If you’re like most people, then your privacy is important to you. Fortunately, a new jailbreak tweak called PrivaSee by iOS developer smokin1337 can augment your iPhone’s privacy features with an elegant blur effect that can only be dismissed with the help of biometric authentication.

PrivaSee does a variety of things to help improve your privacy throughout your daily workflow. Not only can it lock other people out of apps on your device, but it can protect the contents of incoming notification banners until you’ve authenticated yourself with Face ID or Touch ID.

Hacker demos untethered jailbreak running on iPhone 5 with iOS 10.2.1

The jailbreak community has been anything but quiet lately. We’ve seen things ranging from jailbreaking the new flagship iPhone XS Max, to updating untethered bootrom exploits for the legacy iPhone 3GS, to releasing a new jailbreak tool for firmware 1.1 on the original iPod touch; and now, something else of interest has surfaced.

In a curious video shared by YouTube user doras2 over the weekend, we discern what appears to be a fully-untethered jailbreak running on a 32-bit iPhone 5 handset with iOS 10.2.1 installed on it:

Cross-platform SHSH blob-saving tool blobsaver updated to version 2.2 with improvements

Good practice for any jailbreaker is to save your handset’s SHSH blobs regularly. Doing so opens you up to the possibility of firmware downgrades and other fruitful benefits concerning jailbreaking.

A whole host of SHSH blob-saving tools exist today, including blobsaver. The latter is a cross-platform GUI app that promises ease of use across common operating systems like macOS, Windows, and even Linux.

Axi0mX announces an update to his Alloc8 untethered bootrom exploit for iPhone 3GS

In April of last year, iOS hacker axi0mX came forward with the alloc8 untethered bootrom exploit for all models of the tried and true iPhone 3GS. But as of this weekend, he announced an update for the exploit that brings improvements to stability and usability.

As per one of the axi0mX’s most recent Tweets, the updated exploit does away with a bothersome three-second delay that typically transpires when waking the device from sleep: