Last month, a developer called axi0mX released an iPhone exploit called Checkm8, which attacks a defect in the iOS bootrom, a low-level piece of code that has not been successfully attacked since 2010. The bootrom is read-only, so its defects are effectively unpatchable short of removing the chip and swapping it for one with more robust code (the attack also works on Series 1, 2 and 3 Apple Watches).
The exploit targets 11 generations of iPhones (though not the most recent ones), and it has important limitations: it has to be run every time the device reboots, and it requires physical access at boot time in order to execute. Despite this, as Dan Goodin notes at Ars Technica, “Checkm8 is going to benefit researchers, hobbyists, and hackers by providing a way not seen in almost a decade to access the lowest levels of iDevices.”
axi0mX and Goodin discussed the exploit, and axi0mX points out that some affected devices can be seriously compromised by Checkm8: iPhones without the “secure enclave” trusted module can be attacked with Checkm8 to bypass the unlock PIN. The secure enclave is present in iPhones from the model 6 and above, but the iPhone 5s and earlier models are seriously compromised by this attack.
In the meantime, axi0mX holds out hope for security researchers who want to explore other iOS vulnerabilities without subjecting themselves to the strictures of Apple’s security program, and for people who want to install apps from alternative app stores.
axi0mX: If you have a few minutes, I have more things that you may find interesting: Apple has been making jailbreaks very difficult. Things were much better a couple years ago. Before about 2016 there were regular jailbreaks that worked well and a lot of people could jailbreak your phone. That changed with iOS 9, and jailbreaks no longer had persistence, and they were not even reliable. So you would have to try a couple of steps before the jailbreak worked. Jailbreaking became inaccessible to people because you couldn’t get a phone, even an older phone, and jailbreak it, and customize it, and make software that changes things about the phone. People were saying “jailbreaking is dead” because it’s not what it used to be.
Now, the reason [Checkm8] is so great for iOS jailbreakers is people will be able to just get an iPhone X and then be able to jailbreak it on any [iOS] version. That is great because that means anyone can decide to jailbreak and sit down at their computer, connect their phone, and be jailbroken in not much time.
Now, what I released today doesn’t allow you to jailbreak your phone completely with Cydia and other things you would expect from a jailbreak, but that will come soon. And you will be able to jailbreak your phone pretty much anytime you want and on the latest version. And that latest version part is also important, because in the past when people were jailbreaking phones, they had to stay on an older version of the operating system in order for it to have the vulnerabilities that they were using to jailbreak.
Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer [Dan Goodin/Ars Technica]