The Pangu jailbreak could put an iOS 8 jailbreak even further out of reach | Cult of Mac

The Pangu jailbreak could put an iOS 8 jailbreak even further out of reach


Screen Shot 2014-06-26 at 8.02.49 AM

Jailbreakers got an unexpected present last week when a relatively unknown hacker group released a jailbreak for iOS 7.1.1. Called “Pangu,” the jailbreak package was later determined to be safe besides a shady pirate app store installed alongside the program.

But the Pangu jailbreak isn’t all that it appears. The methods the jailbreak uses to hack your device were stolen.

According to iOS researcher Stefan Esser — who has previously been responsible for untethered jailbreaks under the handle i0n1c — the Pangu jailbreak relies upon two stolen things in order to work: an enterprise certificate from Apple, and Esser’s own secret jailbreak methods.

“They are just thieves,” Esser wrote on Twitter.

It’s not uncommon for apps to sidestep the vetting process of the iOS App Store by using enterprise certificates. That is, for example, the technique the popular iOS GameBoy emulator GBA4iOS uses to install itself on devices. Enterprise certificates allow a developer to install their app on as many devices as they’d like, without Apple’s approval, and while Apple can revoke the enterprise certificate at any time, in most case, the certificate will continue to work as long as you roll your system date back.

But the theft of Esser’s jailbreak techniques might be a bigger deal. It seems abstract at first, but Esser claims that the Pangu jailbreak uses many secret vulnerabilities that he has only shared with other people in a research setting.

“The Pangu jailbreak does not only use one info leak bug but several from my training. And there is basically my code linked directly into it,” Esser wrote.

From a practical perspective, though, the fact that these vulnerabilities were used to jailbreak iOS 7.1.1 just months before iOS 8 is released means that Apple will have patched them by the time the next major version of their operating system comes around. Which means that, potentially, an iOS 8 jailbreak could take even longer to find than it usually does. And that’s bad news for everyone.

Source: Macworld


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.