In context: iOS jailbreaking is a type of privilege escalation exploit that removes software restrictions imposed by Apple. For example, a user with a jailbroken iPhone can install software outside of Apple’s official App Store.
A team of mobile operating specialists over the weekend published a tool that’s reportedly capable of jailbreaking all versions of iOS from 11 through the just-released 13.5 update.
Per Wired, the new jailbreak is available to download and install from established platforms like AltStore and Cydia. According to its creators, the jailbreaking team Unc0ver, the jailbreak is stable, doesn’t hamper battery life and doesn’t prevent the use of official Apple services like Apple Pay, iCloud or iMessage. The group further claims that the use of its tool doesn’t undermine iOS sandbox security.
According to Wired, this is the first jailbreak built on a zero-day vulnerability in years. Unc0ver’s lead developer, who goes by the handle Pwn20wnd, as well as independent iOS security researchers believe it will take Apple two to three weeks to patch the flaw in the iOS kernel that enables this jailbreak – assuming of course that they hadn’t previously found the bug and were already preparing a fix.
It was reported last week that an early build of iOS 14 has been circulating among the security and enthusiast community since at least February. While that isn’t related to this jailbreak (Pwn20wnd doesn’t operate with leaked iOS builds), the two incidents do say a lot about Apple’s security culture as of late.
Masthead credit: Casimiro PT