Forgot your password?
typodupeerror
IOS Iphone Operating Systems

Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices 110

Posted by timothy
from the taketh-and-giveth-away dept.
hypnosec writes "Evad3rs, the famous iOS jailbreak team, has announced an iOS 7 jailbreak that will work in all iDevices including iPhone 5S, iPhone 5C and iPad Air running iOS 7.0 through to iOS 7.0.4. The iOS 7 jailbreak was announced without much of a hype, unlike the one for iOS 6. 'Merry Christmas! The iOS 7 jailbreak has been released at http://evasi0n.com/! All donations will go to @publicknowledge, @eff and @ffii,' tweeted evad3rs." Reader FrogBlastTheVentCore adds a note of caution: "They recommend restoring your device to iOS 7.0.4 if it has received OTA updates before attempting to jailbreak."
This discussion has been archived. No new comments can be posted.

Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices

Comments Filter:
  • iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.

    You'd think they could have waited just a little bit more!

    • iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.

      You'd think they could have waited just a little bit more!

      They may have downloaded the beta, realized the exploit had been patched, and released the jailbreak as a result, before a bunch of people update to 7.1 without thinking.

      Pure speculation on my part, but the point is that we should wait to see if they say something about it before complaining that they were impatient. There may have been good reasons.

    • by Servaas (1050156)

      Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.

      • by Fnord666 (889225)

        Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.

        I don't have a device to try it on, but the included readme.txt says

        SUPPORTED FIRMWARES:

        - iOS 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.1beta1, 7.1beta2

    • by noh8rz10 (2716597)

      If they did that then apple would patch it in 7.1.1! My question is, is this tethered or untethered?

    • Best they triple patch it, just to be sure.

    • by PNutts (199112)

      The goal has never to been to JB the most current release. Pick one or the other.

    • What I really don't get, sense when was donating to a Twitter account, considered a good thing to do?

  • by HalAtWork (926717) on Sunday December 22, 2013 @02:33PM (#45761055)
    Now if only Apple would bring out new iPod Touch hardware...
  • I love the idea of jailbreaking. Love it. I fully support your right to install whatever you want on the hardware you bought.

    But.

    So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

    Again, I support everyone installing

    • by Greyfox (87712)
      Or that there's so much broken code that they manage to keep finding new ones? Back in the 90's one of the contracting gigs I did was auditing the C standard library source for Data General, as part of their B2-secure certification process. Fast forward a decade or so and you never see anyone doing that. Someone I mentioned this to said it's because automated tools catch the same problems that people reading the code do, but there's plenty of code out there that obviously has never had those automated tools
    • " The fact that you can jailbreak your iPhone means that another party is able to compromise mine."

      Well, yes. Though in a more global sense, practically every open OS on the planet, and most closed ones, are also "vulnerable" in this way. Linux doesn't require "jailbreaking" to load your own kernal patches - it's already "vulnerable" in the sense you're promoting.

      And given that this essentially requires a very specific set of circumstances to achieve, including physical access to the hardware, it isn't the

      • It'd definitely harder now, and I see that as a very good thing. Remember the drive-by website [sophos.com] that was basically a remote root exploit? There's a vast difference between requiring physical access and operator permission, and being able to root a system through the owner visiting a web page.
      • In general, many of these bugs (both in iOS and Android) do not necceserily require physical access, even if that is the easiest way to use them. Ultimately they are just a regular app without any special permissions that, once up and running, use a traditional privilege-escalation type of exploit to gain root privileges on the device and complete its job.
    • The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

      If they have physical control of the device, yes. Why would you trust any device you lost physical control of?

    • So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

      Technically, you are correct (the very best kind of correct). However if you followed jailbreaking more closely you'd realize a couple things.

      1) There is no single exploit involved. With the iOS 6 jailbreak, they had to chain a whole sequence of things together to get root on the device.

      2) In the end, it requires physical control over the device. As I understand it, the iOS 6 jailbreak required an exploit that allowed you to side load an app onto your device. That app, running on your device, then did all t

      • by plover (150551)

        Furthermore, while the jailbreak is considered "untethered", that only means you can reboot the phone without requiring a USB cable to a host computer (an important requirement in my book.) But as far as I know most jailbreaks still initially require the user to connect a USB cable to the device to load a special boot loader that injects the exploit.

    • I love the idea of jailbreaking. Love it. I fully support your right to install whatever you want on the hardware you bought.

      But.

      So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

      Again, I support everyone installing whatever they want on their devices. I'm not thrilled that this can be done on an iPhone by hacking deep into the system through a chunk of broken code somewhere.

      Hmm... I just realized something. If Apple provided a means to gain root on iOS devices, it's likely they would never have discovered any of these security holes. Interesting paradigm. Security through preventing customers from doing what they want.

  • I just finished applying it to my 4th generation iPad. It took about 10 minutes, which was longer than I expected. It uploads an app to your device, which you then run to apply the jailbreak. If Apple would just include a Dvorak keyboard, my main reason for jailbreaking would be gone. Or rather, it would only be driven by my desire to tinker and not from any real need.
    • How is "desire to tinker" not a real need?
      • by Cinder6 (894572)

        How is "desire to tinker" not a real need?

        Because "I want to do this" is not the same as "I need to do this."

        • How do you differentiate "needs" from "wants" once basic survival requirements are met? Does installing a Dvorak keypad on an iPad allow him to secure food and/or shelter he couldn't obtain another way?
          • Seems like there can be some pretty straightforward guidelines.

            If you require a dvorak keyboard, and the lack of a dvorak keyboard is a dealbreaker, then it's a need.

            If you want a dvorak keyboard and would use a dvorak keyboard if you could (but it's not a dealbreaker), then it's a want.

            It's about degrees. If you limit wants/needs to "basic survival requirements" then pretty much the entirety of modern civilization falls into the category of "wants."

            • That's my entire point. "Needs" and "wants" are entirely subjective.
              • Right, but only if you define a need solely as a "basic survival requirement." I do not agree with this definition.

                I would use a simpler definition in the context of cars/hardware/software/housing/etc (none of which are "basic survival requirements")--if it's a dealbreaker, it's a need. If it's not, it's a want.

    • I'm a "one app" jailbreak user too. For me, it's BiteSMS. BiteSMS is great--it's a messaging overhaul that implements popup sms/imessage that lets you compose orreply to messages without leaving your current app. You can schedule messages to send in the future, actually see timestamps, etc. Great program. If this is a legit jailbreak and bitesms works, I'll upgrade to iOS7 right away.

    • by Anonymous Coward

      I really thought every OS with keyboard input these days had dvorak as an option, once you go beyond serving the north-american continent, if you cant load a different layout you are rather screwed, once you are that far, adding dvorak is hardly much work (and likely would be done for free by volunteers if possible)

      Seems odd not to add something that cost so little to include and harms none.

  • by Wizy (38347) <greggatghc&gmail,com> on Sunday December 22, 2013 @02:56PM (#45761195) Journal

    This jailbreak is completely broken, and according to multiple other jailbreakers the evasion team took money to include a piracy app store from china. You can see all the fun on twitter as they yell at each other.

    • Define "broken". It seems to do what it says it does. Why should I care that a Chinese app store that isn't available to me has been included?
      • by petsounds (593538)

        Because they are installing the Chinese store with root access, meaning the code can do whatever it wants with the information on your device and send that information to wherever they want. Jailbreaking always comes with risk, but this basically compromises your device with unknown and unreviewed code. But hey, if you feel like dancing with the devil, go for it.

  • by Anonymous Coward on Sunday December 22, 2013 @03:10PM (#45761295)

    Read Stefan Esser's Twitter feed [twitter.com] for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.

    • by OzPeter (195038)

      Read Stefan Esser's Twitter feed [twitter.com] for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.

      While you may agree or disagree with Apples stance on controlling the apps in iDevices, one thing is certain is that "Jailbreaks" are Security Exploits with all the ramifications that that entails.

    • Don't see any Chinese app stores. Just Cydia. All working well. Biggest problem: Nothing on Cydia is yet compatible with iOS 7.x, so in a way there's no point unless you just want system access—there's next to nothing that you can install and use. But hopefully that will change in time.

    • Interesting...http://evasi0n.com/l.html
  • by ArbitraryName (3391191) on Sunday December 22, 2013 @05:35PM (#45762261)
    Found here [evasi0n.com].

Wherever you go...There you are. - Buckaroo Banzai

Working...