
Georgia Tech Researchers Jailbreak iOS 7.1.2

Posted by timothy
from the have-you-tried-bribing-the-guards? dept.
mikejuk writes The constant war to jailbreak and patch iOS has taken another step in favor of the jailbreakers. Georgia Tech researchers have found a way to jailbreak the current version of iOS. What the Georgia Tech team has discovered is a way to break in by a multi-step attack. After analysing the patches put in place to stop previous attacks, the team worked out a sequence that would jailbreak any modern iPhone. The team stresses the importance of patching all of the threats, and not just closing one vulnerability and assuming that it renders others unusable as an attack method. It is claimed that the hack works with any iOS 7.1.2-using device, including the iPhone 5s.
It is worth noting that the Device Freedom Prize for an open source jailbreak of iOS7 is still unclaimed and stands at just over $30,000. The details are to be revealed at the forthcoming Black Hat USA (August 6 & 7 Las Vegas) in a session titled Exploiting Unpatched iOS Vulnerabilities for Fun and Profit:
  • by ottawanker (597020) on Friday August 01, 2014 @06:47PM (#47586075) Homepage

    When are people going to stop buying products that they feel the need to jailbreak instead of buying unlocked or open alternatives? Keep rewarding the bad behaviour that you don't like, and you'll just get more of the same, except locked down even better.

    • by thieh (3654731)
      Is that odd to say people want the option of jailbreak, not necessarily right now? They might just want to exercise the choice at their own pleasure.
    • at least iPhone is now unlocked

      not like the past where it was ATT only and roaming was $20 a MEG!!!

      • by tlhIngan (30335)

        not like the past where it was ATT only and roaming was $20 a MEG!!!

        That's cheap. That's $1/50K or so, or 2 cents a K.

        In a LOT of places, roaming data is charged 5 cents a K if you're on a plan, 20 cents if you're not. If you ever wonder why people can run up $20K bills, well, that's why.

        Anyhow, 7.1.2 jailbreak, I don't trust it. It's by a Chinese firm wanting to sell pirated apps on iOS, and who knows what sorts of malware are on it (or if you can delete their virus-laden app store).

        It is one of the bigge

    • "Why?"

      Because I'd rather have an iPhone than any other phone and an iPad than any other tablet. If they have to be jailed, then so be it. On the other hand, once I get my device, it's just that much better when it's jailbroken. I'm not rewarding bad behavior. Apple made their choice of how they wanted the platform to be, and most people are perfectly fine with that choice. My personal protest to the contrary wouldn't change one thing.

    • by pla (258480) on Friday August 01, 2014 @09:54PM (#47586987) Journal
      When are people going to stop buying products that they feel the need to jailbreak instead of buying unlocked or open alternatives?

      As soon as my employer decides to offer a choice other than "windows or IOS", I'll take it.

      Until then, jailbreaking remains the only option.
    • by tlhIngan (30335) <.slashdot. .at. .worf.net.> on Saturday August 02, 2014 @02:50AM (#47587743)

      When are people going to stop buying products that they feel the need to jailbreak instead of buying unlocked or open alternatives? Keep rewarding the bad behaviour that you don't like, and you'll just get more of the same, except locked down even better.

      Because the open alternatives well, suck. I've tried Android, and while ICS and JB are nice, they're also way too busy and don't work the way I want them to. Yes, I'm a geek, I love all the billion options it gives me to control it, but damn, I just want to use my phone as a phone. I don't want or care about themes, dynamic backgrounds, wallpapers, etc.

      Plus, I like the way iOS works. Android's got its own UI, and I find I dislike it (it's gotten a lot better now, but the back button always throws me for a loop because I'm used to seeing back at the top left, while the back button is always at the bottom).

      Then there's the whole Google thing. Sorry, Google's business plan involves gathering as much user information as possible.

      Finally - while iTunes sucks, there's a bunch of utility it provides, like backups. I can download IPA files on iTunes and install them on my iOS devices - even if the app gets banned or whatever, as long as I have a local copy, I can install it. Apple hasn't blocked any apps from running, nor have they force-removed apps. And iTunes backups DO work. Backing up on Android? Well, you have Ti Backup and other apps, but nothing by default. Hell, even iCloud backups work. Android backups for me just mean all my apps get reinstalled, but I lose all my data. Thanks, Google.

      Then there's the whole penis^H^H^H^H^Hscreen size thing. I find this enlarging screen size trend disappointing - I want a decent screen, decent CPU, decent RAM, and that entails buying flagships which are growing faster than the American waistline. I mean sure, 441dpi is a bit too much for me (I don't use the phone to my nose), so the 325-ish DPI of the "retina" display is perfectly adequate. Plus, I want real RGB, not pentile crap, and proper color calibration (AMOLED is impressive, but the colors generally oversaturate and are inaccurate). Android is rapidly moving away from being useful to me as an alternative.

      Sure if I wanted open I could use Linux, but Linux desktops are just plain old fugly to me. I develop on Linux, using Windows as a front end (X server for the odd X app, but otherwise a bunch of SSH windows and samba serving files for Gvim for Windows).

      Again, it's all personal preferences, and I know lots of people don't work that way.

      As for jailbreaking, well, the only must-have app I have on iOS is iP Firewall. It lets me control apps' use of network - so I block ad servers and the like. (Yes, Android has the same functionality if you root).

      Estimates have around 10% of iOS users jailbreak, and unfortunately, it seems the largest use of jailbreaks are... installing pirated apps.

    • by Lumpy (12016) on Saturday August 02, 2014 @06:59AM (#47588157) Homepage

      Because they don't exist.

      All Android phones are locked; you have to root them to unlock them, and it's pretty much a similar amount of work. And now you have the Bullshit of S-ON and S-OFF on most Android phones that requires you to use exploits to set Security off.

      Even buying a 100% unlocked version of the phone.... S-ON is set and you STILL have to exploit it to unlock it.

      So please tell me what phone can I buy that I already have root, and there is no security at all on the phone to stop me from installing whatever I want or whatever OS I want. Because they just do not exist outside of developer edition short run.

      • by Anonymous Coward

        S-ON/OFF is just an HTC thing.

        You do not have to exploit any Android phone to get root, because you do not have to exploit any Android phone to install another ROM on it. Just install a ROM that has root access and you will have root access - no exploits.

        You just have to unlock the bootloader with adb, which is not an exploit, but rather a feature. Then, load the new ROM with adb, which again is not an exploit.

        You can also load a new Radio without an exploit, as I did with my Nexus 4 phone. I loaded a hybri

        • by Lumpy (12016)

          Then why does a friend's LG phone have the SAME THING just under a different brand name?

  • Considering iOS7 is about to be replaced any day now.
    In Other News, Exploit gives unlimited Lives in Doom.
    • Agreed. GA failed lesson one in jailbreak release 101: wait until the next major release comes out before you give away the exploit.

      • by plover (150551)

        Agreed. GA failed lesson one in jailbreak release 101: wait until the next major release comes out before you give away the exploit.

        Actually, they figured out Advanced Jailbreak Releasing 301: advertise the hell out of the version that has been jailbroken, but give Apple no clue as to how to fix it. Allow as many people as possible to download and install 7.1.2 in preparation for jailbreaking.

        Apple's pattern of responding to jailbreaks is very predictable: the day after someone announces the jailbreak, Apple will spring into action, releasing a patched version, and immediately preventing anyone from downloading or installing the n

  • by blahbooboo (839709) on Friday August 01, 2014 @07:00PM (#47586161)

    Congrats on jailbreaking an os which is already jail broken?

    • Yup, the Pangu team jailbroke 7.1.2 several weeks ago (I'm typing this on a jailbroken iPad Mini, actually).

      • by StikyPad (445176)

        The news isn't about the availability of a JB; it's about the presentation at Black Hat [blackhat.com]. The JB wasn't "just now" discovered or created. Further, in the presentation, the Georgia Tech (GT) team claimed that Pangu stole their methodology (and added malware, FWIW). It's unclear whether the GT researchers will release an implementation of their methodology at all.

  • by Hecatonchires (231908) on Friday August 01, 2014 @07:40PM (#47586329) Homepage

    A browser that supports userscript extensions (greasemonkey). Bookmarklets just aren't good enough.

  • Anyone notice that MyWi data rates are practically unusable now while Apple's regular mail and Safari apps have no trouble at all? Is it possible that Verizon can tell when you're trying to use your data plan through MyWi?

  • Why bother? (Score:2, Informative)

    by Sir Holo (531007)
    Really, why bother?

    You can buy an unlocked iPhone directly from Apple these days.
  • All the disadvantages of renting and all the disadvantages of owning are yours when you purchase a walled-garden iOS device!

    Remember in 1984 when Apple had that superbowl-commercial against 'big brother'?

    Yeah well that was a promotion for THEIR freedom, not yours or mine.
