- How to stream Navy vs. Notre Dame live Today 3:30 AM
- The actor who played Greedo is just as confused by ‘maclunkey’ as you are Friday 4:57 PM
- AirPods are getting that sweet, sweet Black Friday price drop Friday 4:24 PM
- Looking for a Nintendo Switch? Black Friday deals are here Friday 4:04 PM
- Facebook copies Instagram with experimental ‘Popular Photos’ feature Friday 3:58 PM
- This iPhone app says it will alert you if you’ve been hacked Friday 2:43 PM
- ‘Marvel’s Hero Project’ is the wholesome content 2019 needs Friday 2:40 PM
- Get more out of VSCO with VSCO search Friday 2:09 PM
- Twitter carves out ‘cause-based’ advocacy exemption in political ads ban Friday 2:06 PM
- Disney+ accounts are being hacked—here’s how to protect yourself Friday 1:52 PM
- Instagram is hiding likes globally and searching for a ‘well-being’ product researcher Friday 1:42 PM
- ‘The Mandalorian’ opens up its mythology even further in ‘Chapter 2’ Friday 12:54 PM
- Want to buy a drone on a budget? We’ve got you covered Friday 12:51 PM
- ‘Simpsons’ writer accuses Republicans of stealing Sideshow Bob’s defense Friday 12:49 PM
- Keanu Reeves’ appearance in ‘SpongeBob Movie’ trailer quickly becomes a meme Friday 12:35 PM
Security researchers have uncovered a new iOS jailbreak. The tactic, called Checkm8, works on devices ranging from the iPhone 4s to the iPhone 8 and X, and cannot be reversed with a software patch.
Security researcher Axi0mX published the Checkm8 jailbreak earlier today. It exploits a vulnerability in the software used to boot the iOS operating system, called SecureROM.
SecureROM is the first significant piece of software executed when an iPhone or iPad is turned on. Due to the nature of its design, any vulnerability found within SecureROM can only be resolved with a hardware revision. This makes it almost impossible for Apple to mitigate against it, save for issuing a recall of devices.
According to ZDNet, the vulnerability impacts devices running Apple’s A5 to A11 chips.
Devices that use the A12 and A13 chipsets, like last year’s iPhone XR and the recently-released iPhone 11, are not believed to be affected.
IPhone Jailbreaks that exploit this element of iOS are extremely rare. The last example was released in 2009. This scarcity is primarily a result of a determined effort by Apple to eliminate any possible security holes. The discovery of Checkm8 is therefore hugely embarrassing for Cupertino.
Apple is notorious for its locked-down approach to its devices. It deliberately limits what software can run on iPhones and iPads, restricting owners as to what can be sourced from the App Store. But by “jailbreaking” a device, it becomes possible to run unauthorized code. This can include apps that were rejected from the App Store due to its stringent policies, to more specialized software, like the hacking tool Metasploit.
Despite that, it’s probably not a good idea to install this iPhone jailbreak, which is currently available to download from the researcher’s GitHub page. For starters, Checkm8 makes some significant changes to the underlying software of your device. If you make a mistake, there’s the potential to irreversibly “brick” your phone, turning your shiny iPhone X into little more than a fancy paperweight.
Jailbreaking also introduces an element of security risk. In the past, we’ve seen examples of malware that targets explicitly jailbroken phones. One specimen discovered in 2014, Unflod, harvested Apple ID credentials, which it then uploaded to a server with a Chinese IP address.