Posted On 19 Oct 2019
Researcher axi0mX claims to have found a new weakness in every iPhone model that could allow them to become permanently, unblockably jailbroken. The weakness, named “checkm8”, means that hackers could get so deep into iOS systems that whatever Apple launches in the way of updates they wouldn’t be able to block it or patch it out. If this is true, it is one of the most serious issues regarding iPhone hacks in a long time.
This weakness is what is known as a bootroom exploit, i.e. it exploits a vulnerable point in the boot code loaded by any iOS device on startup. As it exists in ROM (read-only memory), there’s no way it can be patched or overwritten via software updates. It is the first time such a weakness has been revealed to the public since the iPhone 4.
The researcher said that they were releasing details of the weakness to improve matters for owners of new phones who want to jailbreak them; they claim this will make users safer, as they won’t have to use older, less secure versions of iOS to effect a jailbreak.
This new exploitation is still in its infancy; it’s not possible to download some software that will instantly crack your Apple device, allowing you to modify the OS or download apps. It’s also a “tethered” exploit, which means you can only download it by plugging your phone into a computer, and this has to be done every time you want to use it, which means it’s not a practical option for most people. However, an untethered version may be available soon.
If developers can use this exploit to break into iOS, then there are numerous opportunities for modifying and customizing iOS devices. However, the exploit also comes with dangers; hackers could use it to get around the security protections that lock down stolen and lost phones, and they could install contaminated versions of iOS that could access private information.
Apple will be able to install protection against this exploit in their new devices, but there’s nothing that can be done about the many millions of iPhones that have already been sold. However, it is questionable whether this new exploit will really be the game changer some are claiming. As time has gone by, Apple has plugged more and more gaps in its offerings, to the extent where most people wouldn’t regard jailbreaking as being worth the effort. It remains to be seen if this exploit will gather much attention beyond the hard-core jailbreaking community.