Saturday, March 24, 2018

Summary of KeenLab's iOS 11.1.1 Jailbreak


All sorts of false rumors regarding KeenLab's jailbreak have been flying around, and I think the rumors about a release of the jailbreak are absolutely false. A Reddit user attended the conference, so let's take this opportunity to clarify the issue based on his description.

On November 9th-10th, the 12th international security and hacking conference "POC 2017" was held in South Korea. There, Tencent Keen Security Lab co-founder Liang Chen demonstrated a jailbreak of iOS 11.1.1 running on an iPhone X and described the iOS 11 vulnerabilities he had identified.

He said that it takes only about 30 minutes to apply his private jailbreak tools to 11.1.1. The same tools were also used successfully on 11.1.

* The following is a brief summary of his findings.

1) Apple enhanced iOS kernel security considerably between iOS 10 and iOS 11.

2) 11.1 and 11.1.1 have vulnerabilities that can be exploited to jailbreak even the new Apple devices with the A11 Bionic chip.

3) Before iOS 10, it was difficult to analyze the system without a jailbreak, but it is easy now: Apple currently does not encrypt the iOS kernel, so anyone with some reverse-engineering knowledge can analyze it.

4) KeenLab concentrated on kernel exploits, bypasses of exploit mitigations, and sandbox escapes to create the iOS 11 jailbreak. However, Apple blocked task_for_pid(0) (the call that hands out the kernel task port, which jailbreaks relied on for kernel memory access), and this makes jailbreaking more difficult.

5) Apple actively mitigates common exploitation techniques, making exploitation harder.

6) For some typical bug classes, Apple tends to fix the underlying mechanism rather than the individual bug, to eliminate the whole class of problems.

Liang Chen confirmed that, for now, KeenLab will not hand the information to Apple; they will try to find more vulnerabilities first and then submit a comprehensive report to Apple. That is what he said after the presentation when he revealed his plan.

This is why the exploits used to demonstrate the new jailbreak will not be released to the public. Chances are high that KeenLab will submit the bugs to Apple's bounty program or to third parties in exchange for a payout. This can happen with any researcher, and they may end up selling the exploit to the highest bidder.

Anyway, it is true that the mood in the Reddit jailbreak community was distinctly pessimistic, but it is important to note that "someone" interested in pursuing research on these exploits might investigate the firmware to find a way to crack it.

It'll take a long time, but I think that a new jailbreak will bounce back in typical fashion.

Source: Reddit
