Recent iPhone Security Hole Becomes Universal Jailbreak

Recent iPhone Security Hole Becomes Universal Jailbreak

Apple urged iPhone owners to install the latest update to iOS last month, but that in and of itself wasn’t unusual. What was unusual was the reason for the update. Apple rolled out iOS 14.4 to plug a security hole that online criminals were actively exploiting. Now, that vulnerability has popped up again as a universal jailbreak for iDevices. It only works if you ignored Apple’s pleas to update, but it’s been a while since there was anything approaching a universal jailbreak.

Jailbreaking goes all the way back to the original iPhone when George “GeoHot” Hotz cracked Apple’s security in 2007. Since then, it’s been a game of cat and mouse, but the cat (Apple) has been winning by ramping up security on its devices. Jailbreaking is much harder than it used to be when you could visit a website to instantly unlock the phone’s software.

The new tool from “unc0ver Team” leverages CVE-2021-1782, which is a flaw in the iOS kernel. Because the issue is at a very low level, the modders were able to get their hooks into the system and use it to make modifications. This is not unlike what a malicious hacker might do, except a jailbreak isn’t out to steal your data or take over your phone. Jailbreaking does make your phone less secure, though.

With all that in mind, your phone is yours to do with as you please. If you’re still on iOS 14.3 or earlier, it’s probably compatible with the new unc0ver jailbreak. To install, you just need to get the IPA file from the website and load it on your device with the aid of a computer. You can do that with AltStore or Apple’s Xcode client. If you’ve got a developer account, the Cydia Impactor also works to install IPA files.

We wrote our own exploit based on CVE-2021-1782 for #unc0ver to achieve optimal exploit speed and stability.

— @Pwn20wnd (@Pwn20wnd) February 25, 2021

Jailbreaking allows you to install the software of your choice on the iPhone, something Apple definitely does not want you to do. It’s spent years cashing in on its walled garden approach to mobile software, and if anything, the walls have gotten higher. Apple recently updated its rules to make cloud gaming services infeasible on the App Store, and it kicked out Epic’s Fortnite shooter for attempting to bypass Apple’s payment processing, which costs developers 30 percent of every sale. No doubt there will be some iPhone users who jailbreak just to get Fortnite back.

Continue reading

Remote-Control Firefighting Tank, Other Projects Receive Millions in 5G Grants
Remote-Control Firefighting Tank, Other Projects Receive Millions in 5G Grants

The Australian government announced late last year it would be providing organizations with up to $2 million AUD each in grants for 5G projects. Now it has revealed the winners.

Microsoft Backtracks: Older PCs Won’t Receive Windows 11 Security Updates
Microsoft Backtracks: Older PCs Won’t Receive Windows 11 Security Updates

Restricting feature updates and driver installations is fine. Security updates are a bridge too far.

Patient Receives First 3D Printed Prosthetic Eye
Patient Receives First 3D Printed Prosthetic Eye

To print the eye, Fraunhofer IGD devised a process that would cover every step of the patient experience, from taking a patient’s measurements and matching the design to the healthy eye all the way to printing the actual prosthetic.

Valve’s Dynamic Cloud Sync Delivers Unprecedented Flexibility for Steam Deck, PC Gamers
Valve’s Dynamic Cloud Sync Delivers Unprecedented Flexibility for Steam Deck, PC Gamers

As Valve's Steam Deck creeps closer to launch the company is unveiling more of the device's features and capabilities. One of those features is Dynamic Cloud Sync and it sounds like an improvement over the current save system.