Security researchers at Alibaba's Pandora Labs claim to have jailbroken Apple's recently released iOS 11.2.1 running on iPhone X, proving the latest version of the operating system contains vulnerabilities open to exploit.
The jailbreak, announced in a post to Alibaba's security blog on Friday, arrives just two days after Apple issued iOS 11.2.1 on Wednesday.
"Although iOS 11.2 fixes some security issues, we confirmed on the day of release that the new version will still be able to jailbreak," said Song Yang, head of Ali Secure Pandora Laboratories. "Although we soon escaped iOS 11.2 perfectly, we were limited to security research purposes, so jailbreak tools will not be provided."
As seen in the photo above, taken on Thursday, researchers at Pandora Labs successfully leveraged undocumented iOS 11.2 loopholes to install an eponymous app using Cydia. Earlier today, the blog post was updated to confirm a jailbreak of iOS 11.2.1, Apple's latest firmware iteration.
Apple released iOS 11.2.1 to restore shared HomeKit access, a feature that was temporarily disabled following the discovery of a critical flaw that threatened the security of connected appliances controlled by Apple's smart home platform. The company promised to issue a permanent fix for the issue on Monday.
While Pandora Labs declined to detail techniques used in the jailbreak, an accompanying screenshot suggests the implementation takes advantage of a memory buffer overflow bug to trigger a kernel panic. Researcher Long Lei, who is credited with reporting seven security vulnerabilities to Apple, explained that iOS 11.1 contained a flawed SMAP mechanism that could be bypassed. Apple fixed that hole in iOS 11.2, forcing researchers to find other SMAP workarounds.
Today's jailbreak claims come on the heels of Google's release of a tool that assists in hacking iOS devices running iOS 11.1.2. Created by Google Project Zero employee Ian Beer, the proof of concept is designed to help researchers test the security layers of iOS without curating their own exploits.
24 Comments
Gee, it's a good thing that Alibaba isn't in Russia or China... oh, wait.
Will Alibaba provide the jailbreaks to Apple and why is Google releasing tools that assist in hacking iOS devices?
The jailbreaking community is so ridiculously small now. One way or another it will be closed so for the time being I guess Alibaba is just claiming bragging rights.
What killer apps does jailbreaking offer these days? In the early days I used to jailbreak for things now built into iOS, like a personal hotspot, and email signatures. Jay, the founder of Cydia, lives near me and told me that it is still a thriving business so there must be something of value. Perhaps WiFi password viewer? That was cool.