Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Corellium exploits iOS jailbreak to install Android on iPhone

Project Sandcastle lets users run a limited version of Android on older iPhone models. | Source: Forbes

Last updated

Cybersecurity startup Corellium, which is being sued by Apple over alleged copyright infringement, on Wednesday revealed Project Sandcastle, a beta product that leverages the checkra1n jailbreak to launch a version of Android on older iPhone models.

Shown off to Forbes, the Android-on-iPhone beta is designed as a type of proof of concept that demonstrates Apple's walled garden can — to some extent — be compromised.

"Apple restricts iPhone users to operate inside a sandbox, but users own that hardware, and they should be able to use that hardware the way they want. So where sandboxes create limits and boundaries on the hardware that users own, sandcastles provide an opportunity to create something new and wonderful from the limitless bounds of your imagination," Corellium said in a statement.

Corellium built Project Sandcastle with first-party tools, specifically virtualization software capable of creating an "ephemeral" phone within an iPhone. Because it relies on the checkra1n jailbreak, Corellium's beta product can infiltrate the latest iOS 13, but is restricted to iPhone 7, iPhone 7 Plus and iPod Touch. Support for other iPhone versions is in the works, though the jailbreak is unable to penetrate iPhone 11 and above.

If a new jailbreak is discovered, however, Project Sandcastle could use the exploit to run Android on current generation iPhones.

The new initiative is salt in the wound for Apple, which last year sued Corellium for allegedly infringing on iOS copyrights by selling iOS and device virtualization software. According to the lawsuit, the product portfolio includes virtual versions of iOS devices running what Apple calls unauthorized copies of iOS.

"Apple has, for years, attempted to lock down the iPhone and iPad under the guise of security when, in reality, it sought to exclude competition," David Hecht, partner at Pierce Bainbridge and Corellium's counsel told Forbes. "Apple's dominance allows it to decide everything from what apps will be allowed in the market to the commission it charges developers. Corellium's solution to run Android on iPhone will finally provide customers with a viable alternative to Apple's App Store and iOS."

Most recently, Apple roped Santander Bank and L3Harris Technologies into the legal fray with subpoenas demanding the companies turn over information detailing how they use Corellium's software. Apple also requested all communication between the firms and Corellium, as well as contracts and information about Corellium founder Chris Wade.



25 Comments

cy_starkman 16 Years · 653 comments

i would think a viable alternative would be to buy an android phone.

seems a lot simpler

carnegie 10 Years · 1082 comments

That seems like it would be a violation of 17 USC §1201(a)(2) and/or 17 USC §1201(b).

CloudTalkin 5 Years · 916 comments

i would think a viable alternative would be to buy an android phone.

seems a lot simpler

But how would that help Corellium provide a proof of concept that they could breach Apple's software?  Having an Android phone wasn't their goal.

sflocal 16 Years · 6139 comments

If there is one indication of someone that has way too much time on their hand (and doesn't value that time), this is the perfect example of that.  

I suppose its to say they did it, but really.

DAalseth 6 Years · 3070 comments

☘️So whataya be wanten to do a damn fool ting like dat der? ☘️
Seriously this is like having an older Lexus so you decide to replace the motor with one from Daihatsu. As Carnegie said above, It would be a lot easer and likely cheaper to just get an Android phone. As it's designed to run Android it likely would work better.