Recent iPhone Security Hole Becomes Universal Jailbreak

Recent iPhone Security Hole Becomes Universal Jailbreak

Apple urged iPhone owners to install the latest update to iOS last month, but that in and of itself wasn’t unusual. What was unusual was the reason for the update. Apple rolled out iOS 14.4 to plug a security hole that online criminals were actively exploiting. Now, that vulnerability has popped up again as a universal jailbreak for iDevices. It only works if you ignored Apple’s pleas to update, but it’s been a while since there was anything approaching a universal jailbreak.

Jailbreaking goes all the way back to the original iPhone when George “GeoHot” Hotz cracked Apple’s security in 2007. Since then, it’s been a game of cat and mouse, but the cat (Apple) has been winning by ramping up security on its devices. Jailbreaking is much harder than it used to be when you could visit a website to instantly unlock the phone’s software.

The new tool from “unc0ver Team” leverages CVE-2021-1782, which is a flaw in the iOS kernel. Because the issue is at a very low level, the modders were able to get their hooks into the system and use it to make modifications. This is not unlike what a malicious hacker might do, except a jailbreak isn’t out to steal your data or take over your phone. Jailbreaking does make your phone less secure, though.

With all that in mind, your phone is yours to do with as you please. If you’re still on iOS 14.3 or earlier, it’s probably compatible with the new unc0ver jailbreak. To install, you just need to get the IPA file from the website and load it on your device with the aid of a computer. You can do that with AltStore or Apple’s Xcode client. If you’ve got a developer account, the Cydia Impactor also works to install IPA files.

We wrote our own exploit based on CVE-2021-1782 for #unc0ver to achieve optimal exploit speed and stability.

— @Pwn20wnd (@Pwn20wnd) February 25, 2021

Jailbreaking allows you to install the software of your choice on the iPhone, something Apple definitely does not want you to do. It’s spent years cashing in on its walled garden approach to mobile software, and if anything, the walls have gotten higher. Apple recently updated its rules to make cloud gaming services infeasible on the App Store, and it kicked out Epic’s Fortnite shooter for attempting to bypass Apple’s payment processing, which costs developers 30 percent of every sale. No doubt there will be some iPhone users who jailbreak just to get Fortnite back.

Continue reading

Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera
Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera

According to a recent iFixit report, Apple's hostility to the right of repair has hit new heights with the iPhone 12 and iPhone 12 Pro.

Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps
Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps

Both Nvidia and Google have announced iOS support for their respective cloud gaming platforms via progressive web applications. Apple can't block that.

Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi
Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi

According to Ian Beer of Google's Project Zero security team, the flaw allowed him to steal photos from any iPhone just by pointing a Wi-Fi antenna at it.

Stadia Is Now Playable on iPhone Thanks to Google’s New Web App
Stadia Is Now Playable on iPhone Thanks to Google’s New Web App

Google promised iPhone support, but Apple's App Store policies got in the way. Now, there's finally a way to play Stadia on iOS — just fire up Safari and go to the Stadia site to use the new progressive web app.