A newly released exploit for iOS devices could mean that every iOS device with an Apple A5 through Apple A11 processor can be jailbroken.

The new checkm8 exploit is said to work on everything from the iPhone 4S (2011) through the iPhone X (2017) could be vulnerable to the new exploit — plus most iPads and iPod touch models released during that period.

Oh, and unlike most vulnerabilities that can be used to jailbreak an iOS device, it looks like this one will be virtually impossible for Apple to patch via an over-the-air update.

That’s because the checkm8 exploit leverages a vulnerability in the bootrom — the code that runs when an iOS device first boots, and which is read-only memory, meaning it’s not overwritten when Apple pushes a new version of its operating system

The person behind checkm8 notes that it’s the first publicly released bootrom exploit since the iPhone 4, which was released in 2010.

In recent years, public disclosures of iOS vulnerabilities have become rather rare. It’s not necessarily that the vulnerabilities aren’t out there so much as that the folks who used to hunt for them for free are now joining security firms or doing independent research and then selling their discoveries to the highest bidder.

The public release of an exploit like checkm8 is a double-edged sword. On the one hand, since the information is available to anybody it can be used by security researchers and developers alike. On the other, it can also be used by folks who want to create malware.

The good news is that, for now at least, you need to connect a vulnerable iOS device to a computer via a USB cable to do anything with checkm8, so it’s unlikely that your older iPhone will be infected while you’re surfing the web.

And if you want to install apps that aren’t available in the App Store or access settings and features that aren’t normally available, you may eventually be able to jailbreak your phone and install a third-party app store like Cydia.

You may have to wait a little while to do that though — for now, checkm8 is just an exploit, and not a full-fledged tool for jailbreaking. It’s probably just a matter of time until someone packages the exploit into a user-friendly utility that you can use to jailbreak older iPhones, iPads, and iPod touch devices though.

Update: Ars Technica has an interview with axi0mX, the hacker behind the checkm8 exploit. Among other things, the site explains that the exploit only enables tethered jailbreaks, which means that you’ll need to re-jailbreak your phone any time you reboot your device. But there’s also more information about why Apple will probably never be able to patch this vulnerability on hundreds of devices that have already shipped.

The exploit also doesn’t affect the Secure Enclave on newer iPhones, which means that even if a malicious hacker were to obtain physical access to your phone, they wouldn’t be able to access your data without your login credentials — although it is possible that someone could install malware that could run *after* you’ve logged in. More details are in the Ars Technica interview. 

via CNET, The Verge, and Hacker News

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

Subscribe to Liliputing via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 9,547 other subscribers