Unpatchable iOS flaw used to jailbreak older iPhones

A security researcher has released a new jailbreak which impacts all of Apple's mobile devices released between 2011 and 2017 including iPhone models from the 4S up to the iPhone 8 and even the iPhone X.

However, this jailbreak differs from those released in the past because it utilizes a new unpatchable exploit called Checkm8 that exploits vulnerabilities in Apple's Bootrom (secure boot ROM) to give iOS users full control over their devices.

The Checkm8 vulnerability was published by a security researcher called AxiomX who explained to ZDNet that he had worked on the jailbreak all year. 

AxiomX said on Twitter that Checkm8 is “a permanent unpatchable bootrom exploit” which means this jailbreak is far more extensive and efficient than those previously released for Apple's iPhone.

Bootrom jailbreak

In addition to being quite rare, bootrom jailbreaks are also permanent and can't be fixed with a patch. To fix a Bootrom vulnerability permanently would require a silicon revision and even a company as large as Apple would not want to issue a mass recall for iPhones just to modify device chipsets.

This means that the Checkm8 jailbreak is permanent and will work in perpetuity on the devices that have installed it. The last time a Bootrom-based jailbreak was released was back in 2009 and many believed that Apple had managed to secure its boot-up process and make these types of jailbreaks impossible since that time.

AxiomX's jailbreak is currently available on GitHub as a beta release though technical skills are required to install it as it has the potential to easily brick devices.

While a jailbreak of this kind could be used to install unofficial apps on iPhones, the Checkm8 vulnerability could also be exploited by hackers to root devices but this would require physical access to a device.

Via ZDNet



from TechRadar - All the latest technology news https://ift.tt/2o0jvhP
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us