The iOS Checkm8 jailbreak is hugely significant, but not for you

Posted by Admin in News, Oct 3

There’s a new iPhone jailbreak – and it’s significant. “This is possibly the biggest news in iOS jailbreak community history in years,” security researcher Axi0mX declared on Twitter, as the hacker posted a GitHub link to an unpatchable iOS exploit called Checkm8. The code could enable hundreds of millions of iOS devices to be jailbroken.

As its name suggests, jailbreaking gives people the ability to break iOS devices and strip them of restrictions Apple has placed on them. It has been a warranty-voiding practice, completed by general users and techies alike for years, but it has become notoriously hard to do in recent iterations of iOS.

Back in August, Apple released an iOS 12.4 update that unpatched the ‘SockPuppet’ flaw, reopening a vulnerability that a jailbreak took advantage of before a red-faced Apple swiftly patched it again. While embarrassing, that mistake pales in comparison to the recent Checkm8 vulnerability.

“The most significant thing about Checkm8 is that it can’t be fixed with a software patch, which is the way most vulnerabilities get fixed, as it is in software which is hard-coded on the device,” says Robin Wood, an independent security consultant.

With Checkm8, Apple has no way of patching the flaw. The Checkm8 software tool uses an exploit which targets a security hole in the Apple device’s ‘bootrom’, which is essentially the first bit of code that runs when an iOS device is turned on.

The flaw affects an eye-watering number of iOS devices, from those with an A5 chip all the way to those with the A11 chip, meaning devices from the undeniably ancient iPhone 4S all the way to the still relatively new iPhone X could be impacted.

To put it simply, Apple is completely powerless to do anything about the exploit, short of recalling millions upon millions of affected devices. It’s one of the most significant exploits in recent years, potentially shaking the Apple ecosystem to its core. But does anyone really care about jailbreaking anymore?

“The main people who are likely to benefit from this are security researchers, who are using their own phone in controlled conditions. This process allows them to gain more control over the phone and so improves visibility into research on iOS or other apps on the phone,” Wood says. “For normal users, this is unlikely to have any effect, there are too many extra hurdles currently in place that they would have to get over to do anything significant.”

If a regular person with no prior knowledge of jailbreaking wanted to use this exploit to jailbreak their iPhone, they would find it extremely difficult, simply because Checkm8 is just the exploit, not a jailbreak in itself. It’s also a ‘tethered exploit’, meaning that the jailbreak can only be triggered when the device is connected to a computer via USB, and it does not persist once the device restarts.

There have also been significant changes since the heyday of iOS jailbreaking. In the early 2008 days of the iPhone, when there wasn’t quite an ‘app for everything’, thousands of people flocked to alternative ways to break open their device. Cydia – an alternative App Store for downloading jailbroken apps, files, tweaks and themes – was the place to go.

Apple has since drastically improved its mobile operating system, giving people the customisation elements and app developers the API flexibility they needed, and with them the motivation to finally ditch the warranty-voiding process of jailbreaking. “No normal person wants to jailbreak,” says Lindsay Marshall, a professor at the University of Newcastle’s School of Computing. “The system used to be pretty restrictive on iPhones, and they’ve slowly expanded all the things you can do. The need to jailbreak is much less now than it ever used to be.”

Back in 2013, a massive 270,000 people downloaded the iOS 6 jailbreak on the first day of its release. That high number of first-day downloads continued to decline year on year with every subsequent iOS release, in part thanks to the improvements to iOS. The first sign of danger for jailbreakers, however, came in 2017, when two of the biggest default app repositories – ModMy and ZodTTD/MacCiti – both announced that they would be archiving their repositories on Cydia.

Finally, in December last year, Cydia stopped allowing in-app purchases on its app store, which essentially sounded the death knell for the jailbreaking community. The initial creators of iPhone jailbreaks have said the practice is “basically dead”.

“Certain users like to do more with iOS than what Apple allows. They like the hardware and software but find the restrictions too limiting,” says John Shier, a senior security analyst at Sophos. “Some do it purely for piracy reasons. What’s concerning is the fact that some users are willing to spend £1,000 on a phone but refuse to spend two quid on an app.”

And even then, pirates and others looking for specific apps they can’t find on the App Store are going to find jailbreaking even more irrelevant with the announcement of a new unofficial app store platform called AltStore, which gives users access to a Nintendo emulator.

Riley Testut, the developer of the AltStore, released the project last week, saying that it’s “a home for apps that push the boundary of iOS”. More important, however, is that the AltStore doesn’t require a jailbreak to be downloaded, instead relying on an installation of the companion AltServer application on your Mac or PC.

Even if Checkm8 is the biggest exploit in iOS history, the casual iPhone user is probably less inclined to jailbreak their device now than they have ever been before. And when you consider the countless security and privacy risks associated with jailbreaking your iPhone, it’s probably for the best. The practice has been in decline for many years now, and with iOS becoming increasingly robust, along with developers finding other ways to host unapproved apps, jailbreaking may well and truly be dead.
