- A new jailbreak that unlocks the most recent iOS version is out now and available for free.
- Apple messed up by opening the door for jailbreaks by retracting a patch on 12.4 by mistake.
- People are advised to be extra careful with what apps they download, whether they are jailbreaking or not.
As reported by Motherboard, Apple has mistakenly unpatched a known vulnerability that they had fixed in the past, making it possible for hackers to jailbreak the latest iOS 12.4. Hackers realized this almost immediately, releasing a jailbreak for current iPhones proving their readiness even after years have passed since the last time this happened. Now, until Apple fixes this problem again by releasing 12.4.1, owners of iPhones using the unpatched version will be able to jailbreak their devices.
iOS jailbreaking is the equivalent of “rooting” your Android device for iPhones, allowing the user to remove any restrictions that are imposed by the manufacturer of the OS, remove or install apps that are unavailable on the official Apple App Store, enjoy some level of device customization, unlock carrier restrictions, and even use your phone with an increased level of privacy. However, it’s not all bells and whistles, as jailbreaking means unconditional privilege escalation, and this can potentially allow a malware infection do all kinds of nasty stuff on your device. Installing things from outside the store may mean that they are coming bundled with malware, so this whole thing is a risky endeavor, especially for those who don’t fully understand what they’re doing.
Here’s your daily reminder that #iOS 12.4 is still the latest and the signed firmware for any #iPhone, #iPad or #iPod and you can still restore or upgrade to it and jailbreak with the #unc0ver #jailbreak v3.5.2 and make your device your own.
— Pwn20wnd is reviving 0-Days (@Pwn20wnd) August 20, 2019
Already, thousands are using the available jailbreaks to customize their iOS or install unapproved apps, which highlights the problem with maintaining a manic obsession not to allow your users at least some form of UI customization freedom. If Apple had a different approach on the matter, way fewer people would take the risks of using a jailbreak, and as a result, fewer would run serious security risks right now. For now, Apple hasn’t issued an official response on this matter, and experts consider the release of 12.4.1 certain sometime during the upcoming few days.
I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what Apps they download from the Apple AppStore. Any such app could have a copy of the jailbreak in it.
— Stefan Esser (@i0n1c) August 19, 2019
Another issue that is raised is the unintentional jailbreak that could happen through the installation of an app that has the code incorporated inside it. That could turn a device into a spying tool without the user knowing it, and eavesdropping is just one of the hundreds of possible exploitation scenarios that could arise from something like that. From this perspective, Apple should be working feverishly to revert their mistake with a patch now before malicious actors are given enough time to wreak image-damaging havoc to their ecosystem.