A new iPhone jailbreak is unpatchable on all affected devices - The UpStream

A new iPhone jailbreak is unpatchable on all affected devices

posted Friday Sep 27, 2019 by Scott Ertz

A new iPhone jailbreak is unpatchable on all affected devices

It is not unusual for companies to discover software vulnerabilities. The thing that makes software great is that it can be patched if an issue is discovered so that the issue can be mitigated. However, a hardware-level vulnerability is far less common and even harder to repair. This is the situation that Apple has found itself in, as a hardware-level vulnerability has been discovered and actively exploited in a wide range of iPhones.

Devices sporting the Apple A5 through A11 processors, meaning the iPhone 4S through the iPhone X and a variety of iPads, are vulnerable to this issue, dubbed checkm8. The issue involves the devices' bootloader, which is the mobile equivalent of a desktop computer's BIOS. Unlike a BIOS, an Apple bootloader is not able to be updated, which means that the exploit is permanent and unfixable. This means that it exists in the wild on these devices forever.

The issue was reported and exploited by Twitter user axi0mX, along with an open-source project to take advantage of the exploit. While the majority of the issues are simply going to annoy Apple, some of them are legitimate problems. On the casual side, iPhones are now able to run operating systems other than Apple's iOS, including Android. Through this new feature, d potentially breathe new life into older devices. For example, the iPhone 4S maxes out at iOS 9, but the hardware could potentially support far newer Android builds especially Android Go.

On the negative side, however, is the potential for security issues. With access to the bootloader, it is possible that some personal data on the device could be vulnerable. Of course, this means that the hacker would require physical access to the device, but it is still possible. The need to have access to the device could potentially reignite a mostly dead market of stolen phones.


Login to CommentWhat You're Saying

Be the first to comment!

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats