Google releases tool that helps security researchers hack iOS devices
Google this week released a proof of concept tool that allows security researchers, and other developers, to hack into iOS 11.1.2, software that could lead to a jailbreak for devices running that OS version.
Created by noted iOS bug hunter Ian Beer, the tool released on Monday takes advantage of an exploit called "tfp0," which has since been patched in Apple's latest iOS 11.2 release.
Beer, a member of Google's Project Zero, told Motherboard the proof of concept is designed to help security researchers test the security layers of iOS without curating their own exploits. The tool was tested on iPhone 6s, iPhone 7 and iPod touch 6G, but Beer is confident it will work on all devices.
"tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy," Beer wrote.
The Google researcher pre-announced Monday's release in a tweet last week, sparking hope of a fresh exploit for Apple's famously secure operating system.
"If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon," Beer said at the time.
For the jailbreaking community, an un-patched exploit represents a rare and valuable opportunity to bootstrap an iPhone jailbreak. Because Apple's OS is so secure, researchers who find exploits or bugs often opt to sell them to third parties, or collect a bug bounty from Apple, instead of making them publicly available.
For Google, the tool is a means to an end for security researchers looking for previously unreported bugs. The exploit effectively acts as an inroad into iOS, providing developers access to root around in the OS until Apple issues a fix. Though iOS 11.2 patches the hole, Apple is still signing for iOS 11.1.2, meaning users can install the vulnerable iOS version on current hardware.
Due to its maturity as a platform and built-in security protocols, iOS jailbreaks are few and far between. According to Can I Jailbreak, a site dedicated to tracking iOS jailbreaks, the latest jailbreak affects iOS 10 and does not function on iPhone 7.
Despite early popularity with users who wanted to add customizations to their iPhone beyond those offered within Apple's walled garden, jailbreaking has become somewhat of a dying art. Last month, Cydia repositories ModMy, formerly ModMyi, and ZodTTD/MacCiti announced they would no longer accept new packages.
While a jailbreak for iOS 11 has yet to surface, Beer's contribution will likely hasten the process.