Recent iPhone Security Hole Becomes Universal Jailbreak

Recent iPhone Security Hole Becomes Universal Jailbreak

Apple urged iPhone owners to install the latest update to iOS last month, but that in and of itself wasn’t unusual. What was unusual was the reason for the update. Apple rolled out iOS 14.4 to plug a security hole that online criminals were actively exploiting. Now, that vulnerability has popped up again as a universal jailbreak for iDevices. It only works if you ignored Apple’s pleas to update, but it’s been a while since there was anything approaching a universal jailbreak.

Jailbreaking goes all the way back to the original iPhone when George “GeoHot” Hotz cracked Apple’s security in 2007. Since then, it’s been a game of cat and mouse, but the cat (Apple) has been winning by ramping up security on its devices. Jailbreaking is much harder than it used to be when you could visit a website to instantly unlock the phone’s software.

The new tool from “unc0ver Team” leverages CVE-2021-1782, which is a flaw in the iOS kernel. Because the issue is at a very low level, the modders were able to get their hooks into the system and use it to make modifications. This is not unlike what a malicious hacker might do, except a jailbreak isn’t out to steal your data or take over your phone. Jailbreaking does make your phone less secure, though.

With all that in mind, your phone is yours to do with as you please. If you’re still on iOS 14.3 or earlier, it’s probably compatible with the new unc0ver jailbreak. To install, you just need to get the IPA file from the website and load it on your device with the aid of a computer. You can do that with AltStore or Apple’s Xcode client. If you’ve got a developer account, the Cydia Impactor also works to install IPA files.

We wrote our own exploit based on CVE-2021-1782 for #unc0ver to achieve optimal exploit speed and stability.

— @Pwn20wnd (@Pwn20wnd) February 25, 2021

Jailbreaking allows you to install the software of your choice on the iPhone, something Apple definitely does not want you to do. It’s spent years cashing in on its walled garden approach to mobile software, and if anything, the walls have gotten higher. Apple recently updated its rules to make cloud gaming services infeasible on the App Store, and it kicked out Epic’s Fortnite shooter for attempting to bypass Apple’s payment processing, which costs developers 30 percent of every sale. No doubt there will be some iPhone users who jailbreak just to get Fortnite back.

Continue reading

Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs

Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.

The Best Smart Home Security Systems
The Best Smart Home Security Systems

Once a niche business with a few traditional players and some startups, home security systems are now a major battleground for not just security companies, but several internet giants. We round up highlights of the most popular options for 2020.

Microsoft Backtracks: Older PCs Won’t Receive Windows 11 Security Updates
Microsoft Backtracks: Older PCs Won’t Receive Windows 11 Security Updates

Restricting feature updates and driver installations is fine. Security updates are a bridge too far.

Researchers Found an Unpatchable Security Flaw in Apple’s M1 And You Probably Don’t Need to Care
Researchers Found an Unpatchable Security Flaw in Apple’s M1 And You Probably Don’t Need to Care

There's a new hardware flaw in the Apple M1, but the problem isn't likely to cause issues for users.