On Friday, the latest iPhone security flaw was revealed on Twitter by a researcher who goes by the name of axi0mX. According to the tweet, every
On Friday, the latest iPhone security flaw was revealed on Twitter by a researcher who goes by the name of axi0mX. According to the tweet, every iPhone from the 4S through the iPhone X is vulnerable to what’s known as a bootrom exploit that could allow jailbreaking. Bootrom is read-only, meaning that the flaw can’t be patched by updates to the device’s operating system.
EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019
Here’s the thing: no iPhones or iPads are ‘vulnerable.’ Unless you decide to hand your phone to someone capable of root accessing your device, your phone is not at risk. And, the only reason you’d hand over your phone in that situation is because you actually want to jailbreak your device.
Jailbreaking refers to the process of freeing a device from the restrictions of a closed system–for example, iOS–in order to install apps or features that aren’t available natively. Actually, jailbreaking is something a lot of people spend a lot of time to accomplish, especially on iOS where the only option for installing apps is through Apple’s own App Store.
In fact, the entire reason this was posted on Twitter was to share the exploit with those who would want to use it to create a jailbreak for their device. And even then, the jailbreak is temporary, simply rebooting your iPhone reverts it to its secure state.
In an interview with ArsTechnica, the developer makes it clear that the jailbreak isn’t permanent:
You cannot actually persist using this exploit. The only way that you can break the chain of trust is if you manually do it every boot. So you have to be in DFU mode when you boot, and then you have to connect a cable to your phone, and then you have to run the exploit in order to jailbreak your phone. At that point you can do whatever you want. But in no case will that be the case if you just boot normally. In that sense, it is not persistent.
So, to clarify, you (or a bad guy) would have to have physical possession of your device in order to connect it to a computer, put it in Device Firmware Upgrade mode, and then load code to jailbreak it, which would only last until the next time you restart your iPhone. Which is like saying “I figured out how to get into your safe and swap out your wife’s jewelry for fakes. Just bring the safe to my house and leave it with me and my blowtorch for a few hours… Oh, and when you close the safe and reopen it, the fakes will be the real thing again.”
If you’re using an iPhone 6 or later (with Secure Enclave), this jailbreak still won’t give access to your data without the device passcode.
There are plenty of real risks facing iOS and Android users, and it seems like every day we learn about a new flaw or attack affecting those devices. Apple even offered hackers $1 million if they could prove they were capable of a zero-day attack that gains root access to an iPhone. Zero-day means that the attack requires no action from the user in order for the hacker to gain control of the device beyond being exposed to say a website, for example.
So far, no one has succeeded in this particular type of attack. Or, if they have, neither they nor Apple are talking.
There are certainly bad guys who are doing their best to get access to your device. It was only a few weeks ago that news broke that a minority ethnic group in China was targeted because of their religious beliefs by websites that infected their devices simply by visiting the site. Google researchers had discovered the vulnerability, which has since been patched by Apple.
This isn’t that.
Despite the fact that there are no shortage of news reports claiming that millions of older iPhone devices are “at risk,” rest easy–you and your “time to upgrade anyway” iPhone are fine. Besides, anyone using an iPhone XS, XR or newer are protected.
Or out of luck–depending on how you look at it.
This article is from Inc.com