Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices

hypnosec writes "Evad3rs, the famous iOS jailbreak team, has announced an iOS 7 jailbreak that will work in all iDevices including iPhone 5S, iPhone 5C and iPad Air running iOS 7.0 through to iOS 7.0.4. The iOS 7 jailbreak was announced without much of a hype, unlike the one for iOS 6. 'Merry Christmas! The iOS 7 jailbreak has been released at http://evasi0n.com/! All donations will go to @publicknowledge, @eff and @ffii,' tweeted evad3rs." Reader FrogBlastTheVentCore adds a note of caution: "They recommend restoring your device to iOS 7.0.4 if it has received OTA updates before attempting to jailbreak."

iOS 7.1

[ZorinLynx]

iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.

You'd think they could have waited just a little bit more!

Re:

[TrekkieGod]

iOS 7.1 is probably coming next month... now surely whatever exploit was used will be analyzed by Apple and double-patched for the final 7.1 release.

You'd think they could have waited just a little bit more!

They may have downloaded the beta, realized the exploit had been patched, and released the jailbreak as a result, before a bunch of people update to 7.1 without thinking.

Pure speculation on my part, but the point is that we should wait to see if they say something about it before complaining that they were impatient. There may have been good reasons.

Re:

[Servaas]

Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.

Re:

[Fnord666]

Considering it doesn't work on the beta it seems likely that Apple has already patched whatever hole they used.

I don't have a device to try it on, but the included readme.txt says

SUPPORTED FIRMWARES:

- iOS 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.1beta1, 7.1beta2

Re:

[noh8rz10]

If they did that then apple would patch it in 7.1.1! My question is, is this tethered or untethered?

Re: iOS 7.1

[appleguru]

Could be a test? They're using LLVM obfuscator, presumably to make their exploits harder for apple to reverse engineer.

Maybe they want to see if apple can figure it out and patch it in time for 7.1?

Re: iOS 7.1

[monkeyhybrid]

Best they triple patch it, just to be sure.

Re:

[PNutts]

The goal has never to been to JB the most current release. Pick one or the other.

Re:

[jellomizer]

What I really don't get, sense when was donating to a Twitter account, considered a good thing to do?

Re: iOS 7.1

[RyuuzakiTetsuya]

Because the things you can do in user land are far more interesting to a lot of people that it is worth the trade offs in terms of stability, usability and security. Being able to customize the shit out of springboard, the keyboard, etc are really nice and fun but the charm of the OS isnt that I feel nice and fuzzy being in idiot mode, it's that I really don't feel the need to hack at it.

Don't get me wrong, I would love to customize the shit out of ios and run non App Store apps but I generally don't feel I need it to make the thing a nice place to live.

Re:

[phantomfive]

it is worth the trade offs in terms of stability, usability and security.

This is, quite frankly, a false tradeoff. You can get the same stability, usability and security in several ways (like not running as root by default, like requiring extra steps to become root as with Android, etc), WITHOUT taking freedom away from users who would want it.

Remember, everyone has freedom of speech until they want to say something that is forbidden, but those times are when speech protections are most important.

Re:

[PNutts]

He's talking about iOS. Focus.

Re:

[phantomfive]

SO was I. What did you understand?

Re:

[PNutts]

I understood that some of the things you said have nothing to do with iOS. But do continue your mysterious rant.

Re:

[phantomfive]

You're wrong, please improve your skill at reading comprehension.

Re:

[RyuuzakiTetsuya]

This is, quite frankly, a false tradeoff. You can get the same stability, usability and security in several ways (like not running as root by default, like requiring extra steps to become root as with Android, etc), WITHOUT taking freedom away from users who would want it.

No, it's not.

That kind of interaction isn't free. Not as in beer and not as in freedom. You've now got to devote resources to supporting these features, documenting these features and helping users when they fuck up. Granted, yes, you could just leave users out in the cold when everything goes all pear shaped... However, that's kind of psychotic.

The freedom you want isn't free for the vendor. Not free as in beer and depending on device driver agreements, etc. may not be free as in speech. Granted that's a s

Re:

[phantomfive]

It takes more effort for the vendor to attempt to lock these devices down than it would to leave them open.

The "Free as in freedom" crowd had 30 years to bring UI and UX to this stage but no one really cared enough to actually do it. Instead we got everyone disagreeing with each other about KDE or Gnome.

I see, you just wanted to rant irrelevantly about open source, and thought this was a reasonable place to do it. Be gone, troll.

Re:

[RyuuzakiTetsuya]

It takes more effort for the vendor to attempt to lock these devices down than it would to leave them open.

Aside from supporting the functionality, making sure all the APIs work nicely, having customer support in case the whole thing goes wrong...

I see, you just wanted to rant irrelevantly about open source, and thought this was a reasonable place to do it. Be gone, troll.

No, I *love* open source. Open source isn't the same movement as Free Software movement. The FSF had decades to get this right, but never did. It wasn't even on their radar.

Re:

[phantomfive]

Aside from supporting the functionality, making sure all the APIs work nicely, having customer support in case the whole thing goes wrong...

You're either drunk, an idiot, or have no idea what is involved in this thing.......seriously, are you even a programmer? Do you know what is involved in programming an OS? Have you even looked at the iPhone/Android APIs? Your ranting seems mainly orthogonal to reality.

Re:

[RyuuzakiTetsuya]

I am a programmer, but my language of choice lately seems to be PHP. So I'm not banking on my taste or ability as any sort of authority.

If everything *can* run as root, then what might break? What the hell becomes a massive regression?

Free software isn't free as in beer when you've got to support it commercially. Have you ever worked with other human beings before? Do you know that people who really don't want to be power users exist and most of them are buying computing devices?

Re:

[phantomfive]

If everything *can* run as root, then what might break? What the hell becomes a massive regression?

Not everything needs to run as root, nor should it, unless the user specifically wants it to run it as root. Go look at the Android model sometime, you can see that becoming root is not easy, but it is reserved for the user. Your idea of 'support it commercially' is so inapplicable here that it mainly shows you haven't looked deeply into the subject, you are just whining.

Re:

[RyuuzakiTetsuya]

Uh.

If you're doing testing, everything that *can* run as root needs to be tested *as* running as if it's root at some point during testing. You're the one questioning my ability as a programmer?

Further more, the Android security model isn't even close to perfect under the hood, Even if the user is the only user that can go as root, that still doesn't keep apps from doing awful things in the background.

Also, if your device ships with some feature X, and you don't give any sort of software support for feature

Re:

[phantomfive]

You're the one questioning my ability as a programmer?

Yes, yes I am.

Re:

[Em Adespoton]

Feature X := Firewall

I'd prefer to be the one in charge of what leaks off my phone, TYVM. However, since a firewall is difficult to support for Apple, so they didn't ship it. There's a great one on Cydia however.

While I can no longer make any sense of your debate, the truth is that Apple has prevented an iOS malware outbreak by not handing the users the keys to the car -- they'll just take you where you want to go, as long as it's on one of their streets. On the flip-side, they control who gets your info

Re:

[phantomfive]

What is it about iOS that brings out retards like you? Where are you getting your numbers? Do you really think Android support costs are 900% more than iPhone support costs? Did you think about what you are saying at all?

Re:

[RyuuzakiTetsuya]

that's also not to mention that the kind of user interaction that you'd get by featuring freedom is either more modals(whee, everyone remember UAC in Vista?), or having the entire device run as root or ...

The UX tradeoff isn't worth it. Have everything place nice in user land or get the fuck off my phone.

On a tablet or MID, there's less incentive to make things ultra stable, but iOS is still a nice place for most users to live.

Re:

[phantomfive]

^What does that have to do with iOS.

iOS takes away freedom from the user.

Re:

[phantomfive]

Oh yeah? What kind of app can't you build because the OS isn't up to it?

Re:

[Optali]

You are right.

Given the use that we generally give to such a device (reading stuff mostly and some games, taking notes, etc) I don't see a great urge to get a Bash terminal running or a developing environment (because it sucks big balls for coding, that's why).

I jailbroke 6 after getting my iPad3 (from my employer, else I would have continued very happily with my Acer One), I then just re-installed 6 and after updating to 7 I didn't even bother.

Re:iOS 7.1

[Cinder6]

Honestly, as an iOS user, I don't really see the need. I have jailbroken in the past and just didn't see much that was worth the effort or the inevitable wait for official updates. For those that do want/need/"need" root, then this is a good option (or just buy an Android device).

There are a few cool apps/tweaks on Cydia, but userland iOS also has tons of cool apps. For the vast majority of iOS users, jailbreaking isn't necessary.

Review Guidelines tell you what iDon't

[tepples]

A leaked copy of the App Store Review Guidelines [pineight.com] listed several things that no iOS app is allowed to do. For example, there's no public API for seeing which wireless access points are available, making network troubleshooting apps impossible. Nor can a developer create an app launcher that's more accessible to individuals with disabilities. Nor is there any web browser that implements HTML5 features that Apple deliberately left out of Mobile Safari.

Re:

[thunderclap]

All very good reasons to steer clear of the apple ecosystem.

Re:

[plover]

The need is relative, of course. I have many Cydia apps that I refuse to give up, including several that are bought-and-paid-for. They include an outgoing firewall, tethering, various music and media controls, photos added to my contact list, PrivaCy, and many specific gestures to control things such as wi-fi and Bluetooth, all of which are banned by Apple.

Even more of a factor is that I have no burning need to rush to iOS7. Most apps that require iOS7 simply don't offer anything compelling to me. I'm no

Re:

[lhunath]

It's really not so much about "all the cool stuff Cydia offers".

It's all about freedom and control. A non-broken device is effectively a leased piece of hardware where the owner tells you what you can and cannot do with it. It's like renting your house rather than owning it. Sure, it's nice that maintenance is taken care of for you; but most of us actually prefer to know that the thing we live in/with is controlled by us, not somebody with a different agenda whose interest in your happiness and satisfact

Console vs. HTPC

[tepples]

Why would anyone buy a computer that's designed specifically to prevent you from getting root? Even Windows is better than that.

For the same reason people buy game consoles instead of home theater PCs: it's in a convenient form factor, it's affordable, it's where the apps and media are, and maintenance is less complex.

The iPhone was first to market among the new breed of pocket-size computers. A lot of people bought an iPhone 3G (or bought an original iPhone and upgraded it to iOS 2, which introduced the App Store) before Android became widely available. Back then, the alternative was a laptop. And a lot of people bought an iPod

Re:

[ZorinLynx]

I used to think this way, and avoided buying iOS devices for a while because of this thinking.

Then I realized, iOS devices are more like appliances and less like "computers". They're meant to do a specific task well. They're not meant to be general purpose computing systems.

If I need a real computer, that's what my laptop is for. It's FAR more capable hardware-wise than my phone or iPad. The phone and iPad are both good at what they do, and incredibly stable and reliable. Both times I've jailbroken them, I

iPod Touch

[HalAtWork]

Now if only Apple would bring out new iPod Touch hardware...

Nice, but...

[Just Some Guy]

I love the idea of jailbreaking. Love it. I fully support your right to install whatever you want on the hardware you bought.

But.

So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

Again, I support everyone installing

Re:

[Greyfox]

Or that there's so much broken code that they manage to keep finding new ones? Back in the 90's one of the contracting gigs I did was auditing the C standard library source for Data General, as part of their B2-secure certification process. Fast forward a decade or so and you never see anyone doing that. Someone I mentioned this to said it's because automated tools catch the same problems that people reading the code do, but there's plenty of code out there that obviously has never had those automated tools

Re:Nice, but...

[Just Some Guy]

Regardless of where the code is or when it was written, I have a root-level vulnerability that makes my phone insecure. I wish jailbreaking were both unneeded (because you could easily install your own software through official means) and impossible (because there weren't any security holes to exploit).

Re:

[PNutts]

Well said. I wish I had mod points.

Re:

[Overzeetop]

" The fact that you can jailbreak your iPhone means that another party is able to compromise mine."

Well, yes. Though in a more global sense, practically every open OS on the planet, and most closed ones, are also "vulnerable" in this way. Linux doesn't require "jailbreaking" to load your own kernal patches - it's already "vulnerable" in the sense you're promoting.

And given that this essentially requires a very specific set of circumstances to achieve, including physical access to the hardware, it isn't the

Re:

[Just Some Guy]

It'd definitely harder now, and I see that as a very good thing. Remember the drive-by website [sophos.com] that was basically a remote root exploit? There's a vast difference between requiring physical access and operator permission, and being able to root a system through the owner visiting a web page.

Re:

[liquidrocket]

In general, many of these bugs (both in iOS and Android) do not necceserily require physical access, even if that is the easiest way to use them. Ultimately they are just a regular app without any special permissions that, once up and running, use a traditional privilege-escalation type of exploit to gain root privileges on the device and complete its job.

Re:

[ArbitraryName]

The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

If they have physical control of the device, yes. Why would you trust any device you lost physical control of?

Re:

[93 Escort Wagon]

So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

Technically, you are correct (the very best kind of correct). However if you followed jailbreaking more closely you'd realize a couple things.

1) There is no single exploit involved. With the iOS 6 jailbreak, they had to chain a whole sequence of things together to get root on the device.

2) In the end, it requires physical control over the device. As I understand it, the iOS 6 jailbreak required an exploit that allowed you to side load an app onto your device. That app, running on your device, then did all t

Re:

[plover]

Furthermore, while the jailbreak is considered "untethered", that only means you can reboot the phone without requiring a USB cable to a host computer (an important requirement in my book.) But as far as I know most jailbreaks still initially require the user to connect a USB cable to the device to load a special boot loader that injects the exploit.

Re:

[Em Adespoton]

I love the idea of jailbreaking. Love it. I fully support your right to install whatever you want on the hardware you bought.

But.

So there's no confusion, "jailbreaking" is exactly identical to "finding and exploiting a security vulnerability". By definition, someone is using an unpatched problem to root your device and replace the system software with their own version. The fact that you can jailbreak your iPhone means that another party is able to compromise mine.

Again, I support everyone installing whatever they want on their devices. I'm not thrilled that this can be done on an iPhone by hacking deep into the system through a chunk of broken code somewhere.

Hmm... I just realized something. If Apple provided a means to gain root on iOS devices, it's likely they would never have discovered any of these security holes. Interesting paradigm. Security through preventing customers from doing what they want.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Roger Lindsjo]

How is "desire to tinker" not a real need?

Re:

[Cinder6]

How is "desire to tinker" not a real need?

Because "I want to do this" is not the same as "I need to do this."

Re:

[ArbitraryName]

How do you differentiate "needs" from "wants" once basic survival requirements are met? Does installing a Dvorak keypad on an iPad allow him to secure food and/or shelter he couldn't obtain another way?

Re:

[Moridineas]

Seems like there can be some pretty straightforward guidelines.

If you require a dvorak keyboard, and the lack of a dvorak keyboard is a dealbreaker, then it's a need.

If you want a dvorak keyboard and would use a dvorak keyboard if you could (but it's not a dealbreaker), then it's a want.

It's about degrees. If you limit wants/needs to "basic survival requirements" then pretty much the entirety of modern civilization falls into the category of "wants."

Re:

[ArbitraryName]

That's my entire point. "Needs" and "wants" are entirely subjective.

Re:

[Moridineas]

Right, but only if you define a need solely as a "basic survival requirement." I do not agree with this definition.

I would use a simpler definition in the context of cars/hardware/software/housing/etc (none of which are "basic survival requirements")--if it's a dealbreaker, it's a need. If it's not, it's a want.

Re:

[Moridineas]

I'm a "one app" jailbreak user too. For me, it's BiteSMS. BiteSMS is great--it's a messaging overhaul that implements popup sms/imessage that lets you compose orreply to messages without leaving your current app. You can schedule messages to send in the future, actually see timestamps, etc. Great program. If this is a legit jailbreak and bitesms works, I'll upgrade to iOS7 right away.

Re:

[PNutts]

Not after they send you the letter.

Re:

[dugancent]

I've been using tetherme since the iPhone 3G and they have never sent me "the letter".

Re:

[Anonymous Coward]

I really thought every OS with keyboard input these days had dvorak as an option, once you go beyond serving the north-american continent, if you cant load a different layout you are rather screwed, once you are that far, adding dvorak is hardly much work (and likely would be done for free by volunteers if possible)

Seems odd not to add something that cost so little to include and harms none.

Jailbreak with broken Cydia and Mobile Substrate

[Wizy]

This jailbreak is completely broken, and according to multiple other jailbreakers the evasion team took money to include a piracy app store from china. You can see all the fun on twitter as they yell at each other.

Re:

[ArbitraryName]

Define "broken". It seems to do what it says it does. Why should I care that a Chinese app store that isn't available to me has been included?

Re:Jailbreak with broken Cydia and Mobile Substrat

[ArbitraryName]

When you jailbreak you're running random code from the internet that was specifically advertised as a security exploit. I don't know what sort of naive expectations you have.

Re:

[petsounds]

Because they are installing the Chinese store with root access, meaning the code can do whatever it wants with the information on your device and send that information to wherever they want. Jailbreaking always comes with risk, but this basically compromises your device with unknown and unreviewed code. But hey, if you feel like dancing with the devil, go for it.

Re:

[Elbart]

It throws the "It's only for homebrew, I swear"-rationale out the window.

Just because you're at the Hilton...

[Overzeetop]

Just because you're staying at the downtown Hilton doesn't mean you want to eat every meal at the in-house restaurant.

Re:

[PNutts]

Even the hottest girl in the room has a guy that's sick of her.

DO NOT USE - Super sketchy stuff happening

[Anonymous Coward]

Read Stefan Esser's Twitter feed [twitter.com] for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.

Re:

[OzPeter]

Read Stefan Esser's Twitter feed [twitter.com] for some off the problems with this jailbreak relating to a mandatory Chinese app store that get installed for some users (featuring pirated apps). They also left other members of the community like Saurik out, which is just odd. I wouldn't trust my devices with personal information with the current jailbreak.

While you may agree or disagree with Apples stance on controlling the apps in iDevices, one thing is certain is that "Jailbreaks" are Security Exploits with all the ramifications that that entails.

Re:

[phantomfive]

What is so bad about having the Chinese appstore included? Hell, I'd look at that as a feature.

The primary fear is that it would be a high risk vector for malware.
A secondary fear is that it opens the jailbreakers to lawsuits, if there are too many pirated apps on that website.

Re:

[phantomfive]

Wow bro, there are plenty of reasons to jailbreak your phone without wanting to pirate apps.

Re:

[tlhIngan]

The primary fear is that it would be a high risk vector for malware.
A secondary fear is that it opens the jailbreakers to lawsuits, if there are too many pirated apps on that website.

Well, given how much must be done to have a jailbreak, the fact it was paid for by the Chinese is probably the most interesting part. Very sketchy. Do we need to remind people of all the Android malware that seems to infect Chinese phones?

There's plenty of things that get executed and a lot of it runs are root. If you think An

Already used it (iPad 2)

[aussersterne]

Don't see any Chinese app stores. Just Cydia. All working well. Biggest problem: Nothing on Cydia is yet compatible with iOS 7.x, so in a way there's no point unless you just want system access—there's next to nothing that you can install and use. But hopefully that will change in time.

letter to the community from evasi0n

[Robert Goatse]

Interesting...http://evasi0n.com/l.html

Re:

[phantomfive]

On older iOSes (version 5), you could use ssh tunneling [iphonedevwiki.net], unzip your app (.ipa is a zip file), and run "scp -r -P 2222 Payload root@localhost:/Applications/", that is copy it to the /Applications directory. In iOS 4 you needed to reboot your phone for it to show up. In iOS 6 you need to modify some plist file or something for it to show up.

You can also try the ideviceinstaller command. You might need to sign your app first using ldid. Using the codesign command with your own personal certificate that you

Re:

[PNutts]

But lets be honest, if you can afford an iOS device you can afford a subscription. It's all a matter of budgeting priorities.

What if somebody gave it to him?

Re:

[PNutts]

Money is tight, so I'm short the Apple Tax to do iOS development. But I have a jailbroken device.

What do I do to install my own App, that I developed myself, on my own jailbroken device?

IIRC $99 bucks to be legit or you could run them in the emulator. Putting them on your own device is not required to do development. Write something cool and you'll have volunteers.

Evasi0n has issued a statement.

[ArbitraryName]

Found here [evasi0n.com].