Latest in Gear

Image credit: Chris Velazco/Engadget

iPhone exploit could allow permanent jailbreak for millions of devices

Fortunately, it requires physical access to the phone.
689 Shares
Share
Tweet
Share
Save

Sponsored Links

Chris Velazco/Engadget

Jailbreaks seemed to be a thing of the past, but last month, a security research released the first free, public iPhone jailbreak in years. Now, another security researcher has discovered an exploit that could make it possible to permanently jailbreak any iPhone from the 2011 4S to the 2017 iPhone X and 8/Plus.

Twitter user axi0mX revealed the bootrom exploit, dubbed checkm8, that makes it possible to jailbreak the devices. As The Verge explains, bootrom exploits take advantage of a vulnerability in the initial code that iOS devices load when they boot up. Because it's read-only memory (ROM), Apple can't overwrite or patch it through a software update. In other words, it's permanent.

Fortunately, the exploit requires physical access to a phone and has to be carried out over USB, so while hundreds of millions of iPhones are at risk, it's unlikely that many of them will be impacted. As far as we know, there's no jailbreak using the checkm8 exploit yet. But there is a risk that the exploit could be developed and not require physical access in the future, which could leave millions of devices vulnerable. We've reached out to Apple for comment on this and will update the story if we hear anything.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
689 Shares
Share
Tweet
Share
Save

Popular on Engadget

The 2019 Engadget Holiday Gift Guide

The 2019 Engadget Holiday Gift Guide

View
Nike will no longer sell its shoes and apparel on Amazon

Nike will no longer sell its shoes and apparel on Amazon

View
Japan's Hayabusa2 is returning to Earth with asteroid samples

Japan's Hayabusa2 is returning to Earth with asteroid samples

View
Google's patient data project 'Nightingale' is under investigation

Google's patient data project 'Nightingale' is under investigation

View
Traeger WiFi grills monitor your wood pellet supply with an $80 sensor

Traeger WiFi grills monitor your wood pellet supply with an $80 sensor

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr