Apple’s efforts to discourage iOS jailbreaking have typically left enthusiasts waiting a while until code sleuths discover a flaw that lets them bypass safeguards and break some of the platform’s rules. Not this time around, though. The Unc0ver team has released (via TechCrunch) a jailbreak that works with every iPhone that runs iOS 11 or newer, including iOS 13.5 — yes, Apple’s days-old release is already eligible. This may be appealing to fans willing to take the risks associated with jailbreaking (don’t do this unless you’re aware of what could go wrong), but the effect is a mixed bag that says as much about Apple’s security concerns as anything else.
Lead developer Pwn20wnd told Wired that this only really “adds exceptions to the existing [security] rules.” It should maintain user data protections, preserve Apple’s sandboxing (to prevent apps from accessing unauthorized info) and allow secure features like Apple Pay and iMessage. However, it’s based on a zero-day exploit. The same flaw that allows derestricting iOS could also be used for malicious purposes, and it may take a while for Apple to patch the vulnerability. Jailbreaking can also the number of conduits for attacks simply by removing some barriers, and there hasn’t been enough time to assess just what added security risks there are, if any.