A security researcher claims to have discovered an expliot that could lead to jailbreaken iOS models released as recently as 2017. Just as significantly, checkm8 supposedly can’t be patched by Apple, so any jailbroken device will remain so, no matter which iOS version it’s running.
A person calling themselves axi0mX said on Twitter that they’d found “a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.” This supposedly works on devices as recent at the iPhone X and iPhone 8, and extends all the way back back to the iPhone 4S.
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019
However, this isn’t a complete jailbreak. It is the critical step that should allow any device to be jailbroken, however. “What I am releasing today is not a full jailbreak with Cydia, just an exploit,” noted axi0mX. “Researchers and developers can use it to dump SecureROM, decrypt keybags with AES engine, and demote the device to enable JTAG.”
The researcher posted the code for his open-source jailbreaking tool to GitHub. “I am releasing my exploit for free for the benefit of iOS jailbreak and security research community,” he said.
Apple insisted from the beginning that third-party iPhone software come only through its App Store. In the early days of the iPhone, hackers would find ways around this restriction, allowing the installation of applications that wouldn’t pass Apple’s strict guidelines, as well as themes, tweaks and more. This was called jailbreaking.
Interest in it has since nearly died out in the general public, however. The features that were once only available to jailbroken iPhones — like video recording, useful settings toggles, custom ringtones and enhanced multitasking — are now part of iOS.
Still, security researchers looking for iOS bugs will surely find uses for this new exploit.