IPhone exploit could allow permanent jailbreak for millions of devices

Tuesday, 01 Oct, 2019

axi0mX, the pretty well-known iOS hacker and cybersecurity researcher, has publicly released what he claims to be a "permanent unpatchable bootrom exploit", which is capable of working all on devices with an A5 chip (iPhone 4S) to an A11 chip (iPhone X).

For instance, the possibility of jailbreaking the said iPhones could well lead to many hacking their iOS platform to load the sort of programs they would prefer but aren't allowed given Apple's restrictions on the same.

But Chatterjee's eyes are on next year and he says that 5G iPhone sales "will drive high investor confidence in the sustainability of revenue growth even in the backdrop of a mature smartphone market".

Bootrom exploits use vulnerabilities in iOS codes to their advantage, as explained by The Verge. (CVE stands for Common Vulnerabilities and Exposures, and is a public database of publicly known cybersecurity vulnerabilities.) That implies Apple identified the associated vulnerabilities internally.

However, the jailbreakers are still "tethered", that means one will still need physical access to an iPhone and a computer to connect both the devices via a USB cable.

In fact, the entire reason this was posted on Twitter was to share the exploit with those who would want to use it to create a jailbreak for their device.

Jailbreak and downgrade iPhone 3GS (new bootrom) with alloc8 untethered bootrom exploit. This means that it is unlikely to infect older version of iPhone while browsing the web.

Besides, it is widely believed that the majority of Apple device users cannot be bothered now to take part in jailbreaking activities, which, by the way can also lead to potential security breaches. To counteract those problems, as of September 27, Apple released the iOS13.1 update that addresses most of the problems faced by users in the previous version, but some of them had not yet been resolved. You can't simply download a tool, crack your device, and start downloading apps and modifications to iOS.

AxiomX's jailbreak is now available on GitHub as a beta release. The code isn't recommended for users without proper technical skills as it could easily result in bricked devices. He adds that: "Checkm8 serves as the latest reminder that neither Android nor iOS will ever be 100% secure".