Tuesday, December 6, 2016

Just upgrade your iPhone and stop waiting for the jailbreak

Seriously.  Think about it.  Since the very beginning of the jailbreak scene, has there ever been a jailbreak released for a version of iOS that isn't currently being signed by Apple?  No.  There has not.  Ever.  Hence the reason there is no jailbreak for 8.4.1.  It doesn't make sense for jailbreak teams to burn potential exploits on versions of iOS that few people are still using, and doing so would be an inherent risk for the users who did choose to jailbreak.  What happens if you install a bad tweak?  Unless you can boot into safe mode and uninstall it, you're going to be forced to upgrade to the latest version of iOS that is currently being signed by Apple.  Bye bye jailbreak.

I'm going to call out Luca Todesco here.  You sir, are a fucking asshole.  Yeah, I said it.  Luca Todesco is an asshole -- and a liar.  You don't develop a jailbreak, leak evidence of it and then refuse to release your exploit.  Dick move.  I know there are plenty of people out there who are going to tell me "the exploit belongs to the developer, they can do with it as they choose"... blah, blah, blah... I'm speaking particularly of the sheep on /r/jailbreak who are so desperate for a jailbreak that they have resorted to stroking the egos of these prima donna dickheads in hopes that they will find it in their hearts to release their findings.

To be completely honest, I am thoroughly convinced that all of the groveling and self-demeaning is in vain anyway.  Why?  I'll tell you why.

Because, other than some extremely technical jargon that occasionally gets plastered on Luca's Twitter feed about kernel decryption keys or other such bullshit, absolutely no real evidence of a jailbreak for 9.1 or above has ACTUALLY been released.  Real evidence would be a public jailbreak tool.  The reason I find the kernel decryption keys suspect is that, even if they were real (which I HIGHLY doubt), the only person(s) who could actually use them to check their validity would be people who can also decrypt the kernel.  To wit, the only person to go public with such findings has been Luca.  How can anyone fact-check him unless they can also decrypt the kernel?  Answer: they can't.  I call bullshit.

Then there is the matter of the videos that Luca released on YouTube, supposedly showcasing jailbroken iOS 9.2.1.  I'd be inclined to jump on that hype train and believe along with the rest of the sheep... if I didn't know just how easy it is to fake your iOS version.  On a jailbroken device, it's as simple as editing the file


As a matter of fact, I've had to modify that file myself in order to purchase a tweak.  Eclipse, if you're wondering... If you never bought Eclipse in the past, the only way to get it on iOS 9 is to fake your iOS version and purchase the older version before upgrading to the iOS 9 version.

So, knowing just how easy it is to spoof your iOS version, what solid evidence has been offered that any version of iOS after 9.0.2 has actually been jailbroken?  Answer: there hasn't been any.  I call bullshit.

What is the rationale behind why these supposed jailbreaks weren't released?  Luca has claimed that he has determined his jailbreak exploit is not "fit for public use".  That somehow his exploit -- which is INTENDED to give the user uninhibited access to all parts of their iPhone/iPad -- is too dangerous to be released into the wild.  Well, I am calling


That is utter bullshit.  I know that at first blush, that sounds like the whining of an entitled /r/jailbreak lurker.  But as a former Android ROM developer, and someone who works in IT security for a day job, I am calling bullshit.  The notion that you are somehow protecting people by not releasing your root exploit is a bunch of crap.  Root in and of itself (which is what jailbreaking achieves) is an inherent security risk.  One that every jailbreaker willingly accepts when they modify their device.  One that on every single desktop and server operating system on the planet has been viewed as an acceptable, as well as entirely necessary, risk.  But for some reason, when it comes to mobile devices, the manufacturers want to hold all the keys.  This right here is the premise behind WHY people jailbreak/root their devices.  By claiming that your exploit is too dangerous to use, you are using Apple's own rationale for disabling root access to iOS in the first place as your reason for not releasing your jailbreak.

In my opinion, the real reason why we have yet to see a jailbreak for iOS 9.1 or above is simple.  If you recall, there actually was a browser-based, untethered jailbreak developed for iOS 9.1.  One for which the cyber security firm Zerodium (a broker that buys and sells exploits) offered a $1,000,000 bounty, which was claimed by an unnamed party.  Think about it.  Really, think it through.  I mean, shit.  Give me a million dollars; I'll buy a house and a car and then throw the rest of it in a money market account and never have to work another day in my life, living just on the interest.  Assuming it was one of the Chinese hacker teams, keep in mind just how far a million American dollars would go in China.  Not hard to imagine that a couple of Chinese dudes skipped out on decades of coding and/or working American tech support hotlines for peanuts, right to a plush early retirement.  Fuck the jailbreak community, we're rich, bitch!

Now, this is purely speculation on my part, but here are the facts: at the time of writing, we are now on the second public beta of iOS 9.3, which means 5 -- count 'em, F-I-V-E -- versions of iOS have been released since the last jailbreak.  That is an unprecedented gap between jailbreaks.  My guess: Zerodium shelled out a cold milli to bait the jailbreakers into tipping their hand, and then turned around and resold the exploit to none other than Apple.  Apple now knows exactly which exploits the jailbreakers used to obtain root access to iOS and has gotten the jump on them for the next few iOS releases.

Which brings me right back to my original point.  There is no jailbreak for 9.1, 9.2, 9.2.1 or 9.3 beta 1 or 2.  If there were one, it would have been released already, most likely as soon as the theoretical exploit being used got patched by Apple.

Disregard what Luca or anyone else says about staying back on an old version of iOS in order to someday, hopefully, jailbreak.  Just upgrade via iTunes whenever a new version comes out.  Keep up with the latest features, bug fixes and security patches.  And be patient.  If and when an inevitable jailbreak is released, the exploit used will most likely work for multiple versions of iOS.  In other words, if a jailbreak has been developed for iOS 9.2.1 by the time iOS 9.3 is ultimately released, it will --probably-- work on iOS 9.1 and 9.2 as well, which would benefit the jailbreak community the most and for the longest period of time (until the end of the signing window; at most two weeks, but most likely far less).  But this is purely speculative.

It would seem that, for now at least, Apple has won the jailbreak battle by releasing frequent updates to iOS and shortening the signing windows on firmware.  The reason why the hacker teams that are ACTUALLY jailbreaking iOS are maintaining radio silence is because... they have nothing to share.  So assholes like Luca are taunting the jailbreak community with false evidence of jailbreaks that do not, and probably won't ever, exist.  I am assuming that we probably won't see another jailbreak until iOS 10 is released sometime late this year.