Is the iOS 10.3.x JAILBREAK Dead? (Explained)

In today's video we're going to discuss the current state of the jailbreak in general, and whether it is dead or not. I personally get this question quite often. It is not hard to answer, but it requires you to understand some underlying concepts; once you have them, you're able to tell for yourself whether iOS jailbreaking is gone or not. I was inspired to make this video by an article, in fact quite a long one, written by The MotherBoard about the same topic: the life, death and legacy of the iOS jailbreak.

Most people who jailbreak their devices do it for fun or for customization, but fewer people know that the jailbreak itself literally takes weeks to create. Behind this fancy word we call a jailbreak, the hard truth is that all you find is a bunch of files put in a specific place by an exploit chain. The exploit chain is built from several parts: you have an entry point (WebKit is one common entry point), you have privilege escalation (you need that root), and then you own the kernel and do your stuff. Behind these simple schematics goes a huge amount of time and code. The shellcode is hard to produce, since ROP (Return Oriented Programming) is nowhere near as easy as normal C++, C# or Java programming.

But the code is not the real problem today. See, before you can write your exploit, you need a vulnerability that is exploitable, and to find one you sometimes need days of reverse engineering and debugging. Apple has mitigated a lot of the security holes that jailbreakers used to rely on, especially JIT in WebKit. The introduction of KPP (Kernel Patch Protection) in iOS 9 made things considerably more difficult for jailbreakers, since KPP is enforced from EL3. You can't disable it, but you can attempt to bypass it, and that has been done in the past; Apple, however, closes new KPP bypasses quite fast. The introduction of AMCC (actually SiDP) on the iPhone 7 only made things worse, since we're now talking about hardware-level protection. These can be bypassed, of course, but once you achieve that and you hold a 0day capable of bypassing KPP or AMCC/SiDP, do you really want to burn it on a public jailbreak? We're talking hundreds of thousands of dollars here.
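The KPP idea described above, as an added example that is not part of the original post: a toy model in C of a patch-protection monitor that records a known-good digest of every kernel code page at boot and later reports the first page whose bytes no longer match. The byte array standing in for kernel text, the 16-byte page size, the FNV-1a digest and the function names (monitor_init, monitor_check, simulate_patch) are assumptions made for illustration; real KPP checks real kernel pages from a higher exception level and panics the device instead of returning an index.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not the author's code: a toy KPP-style integrity monitor.
 * A small byte array stands in for the kernel's code region; real KPP
 * protects real kernel pages and runs at a higher exception level. */

#define PAGE_SIZE 16                     /* constructed toy page size */
#define NUM_PAGES 4
#define TEXT_SIZE (PAGE_SIZE * NUM_PAGES)

static uint8_t  kernel_text[TEXT_SIZE];  /* stand-in for kernel code pages */
static uint64_t golden[NUM_PAGES];       /* per-page reference digests */

/* FNV-1a 64-bit: a dependency-free digest, chosen only to keep the
 * example self-contained. A real monitor would compare against a
 * cryptographically strong reference. */
static uint64_t fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* "Boot": fill the text region with constructed bytes and record the
 * known-good digest of each page before any untrusted code can run. */
void monitor_init(void) {
    for (size_t i = 0; i < TEXT_SIZE; i++)
        kernel_text[i] = (uint8_t)(0x10 + i);
    for (size_t pg = 0; pg < NUM_PAGES; pg++)
        golden[pg] = fnv1a64(kernel_text + pg * PAGE_SIZE, PAGE_SIZE);
}

/* Periodic check: return the index of the first page whose digest no
 * longer matches the boot-time reference, or -1 if the region is intact. */
int monitor_check(void) {
    for (size_t pg = 0; pg < NUM_PAGES; pg++)
        if (fnv1a64(kernel_text + pg * PAGE_SIZE, PAGE_SIZE) != golden[pg])
            return (int)pg;
    return -1;
}

/* Model what a kernel patch does to a code page: overwrite a byte in the
 * protected region. Returns 0 on success, -1 if the offset is out of range. */
int simulate_patch(size_t offset, uint8_t value) {
    if (offset >= TEXT_SIZE)
        return -1;
    kernel_text[offset] = value;
    return 0;
}

int main(void) {
    monitor_init();
    printf("after boot:  first modified page = %d\n", monitor_check());
    simulate_patch(40, 0xFF);           /* byte 40 lies in page 2 */
    printf("after patch: first modified page = %d\n", monitor_check());
    return 0;
}
```

Build with any C compiler (for example `cc monitor.c -o monitor`); the program reports -1 after boot and 2 after the simulated patch, which is the whole point of a patch-protection monitor: the patch may succeed, but the next check catches it.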

The jailbreak itself, despite the exploits becoming increasingly valuable, will never die, but we will definitely see fewer releases in the future. I am pretty sure we'll never again get to see a jailbreak for every iOS version, but don't despair. Once a jailbreak is public, make sure you keep it safe: don't install tweaks that might bootloop your device and make you lose the jailbreak, save your blobs, and don't go places you don't belong (like the root file system), or at least don't modify or remove things there.

I hope I made my points clear: the jailbreak itself is not going to die, but we will see fewer releases for the reasons stated above, so once we get one, we should be much more careful not to lose it again.

==Resources==

A good read (MotherBoard's article)

KeenLab's Presentation at MOSEC

iOS 10.3.1 / 10.3.2 Cydia Alternative (TweakBox) | Kodi, NDS4iOS, EveryCord, Snapchat++ & More

New Jailbreak Team for iOS 11

iOS 10.3.1 No Longer Signed | Current Jailbreak Status | iOS 11 Beta 2 UPDATE 1

iOS 10.3.2 & iOS 11 Jailbreak Demoed at MOSEC

Stefan Esser to RELEASE 32-Bit Kernel Bugs

GeoSn0w

About GeoSn0w

C#, C, Objective-C Programmer | Beginner iOS Security Researcher | Content Creator | Web Developer. I like to bring the latest news from the iOS / iDevice / Jailbreak battlefield to you in a beautiful manner :) I hope you like the site. If you do, don't forget to check out my channel :)
