Jailbreaking Apple iPhone was one of the most interesting space for tech enthusiasts a few years back. While it seemed to be losing its sheen, jailbreaking is having a moment of reckoning right now. Despite Apple’s efforts to discourage iOS jailbreaking, new exploits have emerged that break virtually any iPhone. The Unc0ver team has released a new jailbreak that works with every iPhone running iOS 11 or newer. This even includes iOS 13.5, which was released just a few days back.

If you are a tech enthusiast looking to break into Apple’s walled gardens, then might appeal to you. However, before you jailbreak your iPhone, it is recommended that you know the caveats. Pwn20wnd, the lead developer of the Unc0ver team told Wired that this only “adds exceptions to the existing [security] rules.” The exploit is based on a zero-day flaw in the iOS kernel but it maintains some of the core functions. It preserves Apple’s sandboxing and allows secure functions such as Apple Pay and iMessage.

In the past, we have seen hackers exploit vulnerability for malicious purposes. For this very reason, the zero-day exploits are not made public before offering time to concerned companies to fix the issue. Apple has not offered an official comment just yet, However, it might take a while for the company to release a patch. One can only hope that Apple patches the vulnerability before a malicious actor exploits it. This could limit the security aspect of iPhone running current versions of iOS.

With the resurgence of jailbreaking, it is clear that Apple has work cut out in the security aspects of its mobile operating system. In April, a vulnerability attached with the Mail app raised concerns. An early build of iOS 14 has been out in the wild for months giving attackers opportunity to work on exploits. While the practical threat may not be high, Apple iOS definitely seems vulnerable than ever before. With WWDC less than a month away, Apple might need to focus on fixing this major gap in the ecosystem.

Go to Source

Leave a Reply

Your email address will not be published.