A security researcher has found an unpatchable flaw that allows jailbreaking on a wide range of iPhones. Specifically, this flaw seems to affect models ranging from the iPhone 4S to the iPhone X.
The exploit, referred to as “checkm8”, was announced on Twitter by a security researcher going by the handle axi0mX (@axi0mX). In his tweet, axi0mX says that iPhones with chipsets from the Apple A5 through the A11 are affected.
For context, iOS jailbreaks usually involve exploiting software vulnerabilities within the OS. In this case, the new exploit is described as “a permanent unpatchable bootrom exploit”: the flaw lies in read-only memory baked into the hardware rather than in the OS, so a software update cannot remove it. Fixing the issue won’t be easy either; Apple would need to recall all the affected iPhones to replace the chipset with a revised silicon version, which is unlikely given the cost, the effort, and the age of the millions of affected devices.
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019
Even more alarming is how little time is needed to jailbreak iOS. According to axi0mX, the process takes a mere two seconds, and he even went so far as to demonstrate jailbreaking iOS 13.1.1 via his Twitter account.
If there’s a bright side to this scenario, it would have to be that, at present, “checkm8” only works while tethered, meaning that the phone still needs to be connected to a computer via its port.
HACKED! Verbose booting iPhone X looks pretty cool. Starting in DFU Mode, it took 2 seconds to jailbreak it with checkm8, and then I made it automatically boot from NAND with patches for verbose boot. Latest iOS 13.1.1, and no need to upload any images. Thanks @qwertyoruiopz pic.twitter.com/4fyOx3G7E0
— axi0mX (@axi0mX) September 29, 2019
A month ago, Apple accidentally reintroduced a previously fixed vulnerability in iOS 12.4. The flaw was fixed again in iOS 12.4.1 about a week after the fact. Currently, the “checkm8” exploit is the latest development in the jailbreaking scene.