A computer security researcher has discovered a bootrom exploit for iOS. According to him, the flaw would make possible a permanent, unpatchable jailbreak on all Apple smartphones from the iPhone 4S to the iPhone X.
A Twitter user named axi0mX, who describes himself as an iOS security specialist, posted a message revealing the exploit, which he calls checkm8 (pronounced like the English “checkmate”). Several hundred million devices are vulnerable, from the iPhone 4S to the iPhone X. Newer devices such as the iPhone XS, XR, 11 and 11 Pro are not affected.
The exploit could lead to a permanent jailbreak
The exploit targets the bootrom, which means that it takes advantage of a security flaw in the initial code that iOS devices load at startup. Because this code is stored in read-only memory (ROM), it cannot be changed by a software update. This is the first public bootrom exploit for an iOS device since the iPhone 4.
In its current state, this discovery does not allow a complete jailbreak with installation of Cydia. For now it is an exploit for developers, who can use it for advanced tasks such as dumping the SecureROM or decrypting keys with the AES engine.
In the early days of the iPhone, a large community of developers was actively working on jailbreaking devices. iOS has gradually integrated most of the basic features previously provided by jailbreaks (wallpapers, multitasking, copy and paste), and its security holes have been patched. Apple’s bug bounty program, which financially rewards security researchers who report vulnerabilities without publishing them, also discourages developers from releasing exploits.