tihmstar continues his 32-bit streak with a browser-based jailbreak for iOS 9. Using the well-known Trident exploits patched in iOS 9.3.5, he has created a jailbreak which can be run directly from Safari on your device, no computer required.
Whilst most are no doubt still eagerly awaiting a jailbreak for the just-released iOS 10.2, there are those who still have devices on various flavours of iOS 9 and older, who have fallen through the cracks of the most recent Pangu releases. For them, this week brought some hope, with two separate announcements of upcoming jailbreaking tools, in addition to the release of a browser-based tool from Luca Todesco. This round-up will cover the various pieces of jailbreak release news that came to light over the past few days.
As reported recently on iDB, Luca Todesco has decided to solve the certificate problems which have plagued the most recent Pangu release for 9.2-9.3.3 by making public a web-based tool for re-activating the jailbreak.
After doing some testing and research it seemed appropriate for a more in-depth discussion of the tool, along with a walkthrough, in order to address some of the more technical questions surrounding this latest development in the jailbreaking scene.
Noted iOS security researcher and hacker Luca Todesco has just released a WebKit-based loader for the Pangu 9.3.3 jailbreak. This impressive browser exploit is reminiscent of the original JailbreakMe exploits on iOS 1 and iOS 4, after which it is named.
All that is required for the technique to work is to follow a URL in mobile Safari, press a button, lock your device and wait for the respring.
Whilst this development is testament to Todesco’s hacking skills and has alleviated one major problem with the current 9.3.3 jailbreak (its reliance on developer certificates for the loader app), there is bound to be some confusion over what this tool actually does, and what it means for the jailbreak community. This post aims to bring some clarity to the topic.
For those who are unaware, Pangu launched a new jailbreak for iOS 9.2-9.3.3 over the weekend. Now, an iOS developer from the jailbreak scene has made it possible to jailbreak your iOS 9.3.3 device directly from your iOS device itself without the need for a computer.
It’s officially JailbreakMe-style, and in this tutorial, we’ll show you how to do it!
The cat and mouse between Apple and the jailbreak community has been going on for about 6 years now. Every time a new jailbreak tool is released, taking advantage of some holes in Apple’s tight mobile operating system, you can bet your shirt that Apple will be quick at patching those holes with a software update.
Sometimes those software updates are released faster than others. For example, it took Apple 43 days to patch a series of vulnerabilities that allowed iOS 6 users to jailbreak their devices using evasi0n. In comparison, it took Apple only nine days to fix the bugs that were exploited by JailbreakMe 3.0.
The time difference can be easily explained by the fact that exploits like those used by JailbreakMe represent a much higher security threat to iOS users than those used in evasi0n. Remember, JailbreakMe could be run directly from the device’s browser, thus exposing virtually every single iOS 4.3.3 user at the time to security risks. In comparison, evasi0n requires you to plug the device into a computer via USB. Clearly, the security threat is much lower with evasi0n.
This being said, every time Apple releases a software update that patches vulnerabilities used in a jailbreak, some enthusiastic jailbreakers are always quick to call Apple names and accuse the company of actively fighting the jailbreak community. “Apple hates jailbreakers. They just released a software update to kill the jailbreak,” you can often read whenever an iOS update that patches a jailbreak is released. But is that really the truth? Does Apple really hate the jailbreak community, or is it trying to protect the safety of its most popular operating system?
The jailbreak community owes a lot to adept hackers who find and exploit weaknesses in the design of the iOS mobile operating system, thus allowing Apple’s mobile gadgets to run unsanctioned software. It’s more often than not a never-ending cat-and-mouse game between Apple and hackers that, in the end, benefits jailbreakers the most.
Say you’re an expert hacker who has just figured out an exploit in one of Apple’s products. You could report your findings directly to Apple and help them plug those holes with a software update.
But did you know you could also hand over this valuable information to an exploit broker who will sell it to a government agency and net you a decent profit, minus the broker’s commission? A U.S. government agency, to be precise…