Browser-Based iOS 9.1/9.2 Jailbreak Wins $1M Bounty, Will Be Sold for Corporate and Government Use

[MikhailT]

Why? It's Apple's bug. Someone found a bug Apple doesn't know about. Why should they be required by law to tell Apple about it?

Apple should find their own bug, or, you can find it, and tell Apple about the exploit for free.

1. It is actually virtually impossible to find all the bugs. Even Intel can't find bugs on its own in its CPU firmware that despite having one of the most strictest QA validation program on the planet.
2. Because this bug allows someone to break the security. If you have a house that uses a security system and someone found a bug in it, and instead of telling the authorities, he or she tries to sell it. If your house was robbed as the result of this bug and the person who sold it knew it was going to happen, you wouldn't blame the person for not telling the cops about the issue?
3. This firm didn't find any bugs, they intentionally started a contest and paid someone big bucks for the bug and knowing that this is a major security bug, they decided to withhold it from Apple and sell the exploit to anyone who is willing to pay.

 

[lkrupp]

If you read it on the Internet it must be true, right?

 

[gnasher729]

Couldn't Apple buy this, fix the issue, and push out an update?

Edit: You beat me, @Cuban Missles :^)

More like taking them to court. It's one thing if a user voluntarily hacks his own device, it's something else if you sell software that allows others to break into people's computers.

 

[gnasher729]

Why? It's Apple's bug. Someone found a bug Apple doesn't know about. Why should they be required by law to tell Apple about it?

Because they intend to sell it for criminal activities. Yes, an exploit that would hack into _my_ iPhone without my permission is criminal.

 

[alexgowers]

OS X has many more vulnerabilities VS windows
This doesn't surprise me at all... its just marketing.

Woah have you used Windows, that thing is like a leaky sieve. Malware everywhere. OS X and iOS are far more secure and have less issues. You are sipping from some funky cool aid if you think different.

This is probably fake. I mean there is no proof of success and anyone capable of such a hack would be able to make much more than 1million dollars and wouldn't be stupid enough to sell if for such a cheap price anyway.

I call BS On this

 

[zakarhino]

Long ago I used to think Apple's complete opposition towards jailbreaking came down to Apple being greedy.

Now I see it as Apple fighting the good fight. I hope Apple patches this one up and I laud Cook for standing up against the illegal invasions of privacy carried out by hackers and government agencies. I will happily pay the premium for any product or company that actively tries to make a secure product. On the other hand, this technique is pretty much jailbreaking without user consent. Why do some people get frustrated about hacks such as this but then praise consensual jailbreaking as though it's some kind of God send? I think 'hypocrite' doesn't even apply here, 'moron' seems to fit just fine. These people are no different from Android users that trash talk Apple for being a company with 'closed source operating systems' which could house 'spying software.' They usually finish with some stupid point about Android being open source... Do people forget about having Google Play Services and Google software installed on their phones? Do they not understand Google's business model?

I simply do not understand anymore why people would want to open up their phones to hackers. I understand governments are one thing since obviously they can get around iPhone security regardless of jailbreak status but at least we can temporarily comfort ourselves with the promise that our data is being kept hidden in some government data center... Hackers though? Really? People that will sell your data and use your phone/devices as bots? It's just stupid. I can't think of any real practical benefit behind jailbreaking that makes it worthwhile, whether it be on Android of iOS.

Ok, f.lux is an exception that I would REALLY like to see on my iPhone...

 

[2010mini]

Would it help if the user uses a VPN to surf the web?

 

[unplugme71]

Yea, it's a lie but it is not limited to Apple. There is nothing in this universe that can be secure. Everything is breakable.

The only thing secure is knowing that nothing can be secure.

 

[zakarhino]

Would it help if the user uses a VPN to surf the web?

No, I don't think so.

Speaking of which, I can't seem to get my VPNs working on iOS using the OpenVPN app. It connects but my real IP is visible everywhere.

 

[unplugme71]

So basically ignore text messages from odd numbers and unless they corrupt DNS don't visit web sites you don't know.

 

[thebro20]

I'm just curious as to how they made this work

 

[newdeal]

well if all you need to do is visit a website you can assume that it will be available to the public in no time.

 

[AFEPPL]

Woah have you used Windows, that thing is like a leaky sieve. Malware everywhere. OS X and iOS are far more secure and have less issues. You are sipping from some funky cool aid if you think different.

This is probably fake. I mean there is no proof of success and anyone capable of such a hack would be able to make much more than 1million dollars and wouldn't be stupid enough to sell if for such a cheap price anyway.

I call BS On this

Nope, dont fall for the hype... OS X has/had more vulnerabilities in 2014.

Or if you don't believe that one goto CVE, they show OS X having 114 for 2014, windows had 38.
2015 is showing OS X with 335!!!! vulnerabilities, where as windows have 135 server, 130 for Win8

 

[MH01]

Bring back the days when apple was not popular. Beginning to feel like the old days of Windows with the constant exploits these days.

 

[MH01]

Nope, dont fall for the hype... OS X has/had more vulnerabilities in 2014.

What source is that?

 

[AFEPPL]

Doesn't it show you in the windows if you hang over it? Sorry.
GFI and CVE.

I take NO responsibility for the accuracy nor do i warrant it - you can of cause call it out directly with the source if you believe they are incorrect.

 

[NY Guitarist]

If a company buys this, and it doesn't work, can they sue because the product didn't work to illegally break into cell phones?

 

[jkcerda]

It's for the children
Only terrorist have things to hide
/S

 

[Alenore]

Woah have you used Windows, that thing is like a leaky sieve. Malware everywhere. OS X and iOS are far more secure and have less issues. You are sipping from some funky cool aid if you think different.

Have YOU used Windows recently ? Or are you just talking our ot the common idea that "windows vista/xp was a ****hole full of viruses", without checking the current situation, 10 years later ?
If you deactivate every security on it, then yes there's as many malwares as you could find if you disabled the unsigned apps protection on mac or anywhere else.

 

[casperes1996]

Folks, this is just a jailbreak, it's neither illegal, nor can it be applied to a phone whose owner doesn't want it, just like all the other jailbreaks over the years.

In some countries, jailbreaking is actually illegal. I actually believe it's illegal in the US too. Just only for tablets.

 

[nt5672]

If this is in fact true, then we have no one to blame except for Apple. They are the ones that have the closed garden with no way for users to protect themselves and no way for outsiders to know if the security works or not.

Now I am not advocating installing any app, but if iOS was created in a way to verify what is stored on it, then each user could also assume some responsibility for the device's security. For example, where is the button that runs some ROM (unmodifiable) code that checksums each executable and compares it with the app store? Today this is a commodity function that could be in hardware. Prevention is important, but not as important as monitoring and exposure.

Since apple has control of the hardware they certainly can make the device secure, if they want to. But instead they opted for flash memory which is easier to bug fix, when you don't take the time to get your code correct, but harder to protect the user since the code can be changed very easily.

And please don't say I don't know what I am taking about, I had complex real time embedded code running in hospitals for over 20 years with only one bug found and it was not a security bug. At one time, people did take the time to engineer software systems. Today, the goal is not security, it is to make the next marketing deadline and people seem to be fine with that. What people want they usually get.

 

[casperes1996]

From the technical side, I am interested on how this was done - a browser based exploit escape the sandbox and was able to execute as root - sounds like a great accomplishment - god blessed whoever they will target with this.

See there's something interesting. How does one get root access through a sandboxed application?

 

[bradl]

In some countries, jailbreaking is actually illegal. I actually believe it's illegal in the US too. Just only for tablets.

Jailbreaking is most certainly legal in the USA.

http://www.wired.com/2010/07/feds-ok-iphone-jailbreaking/

However, getting to the actual article at hand, and comparing that to say, Pangu, TaIG, comex, the evad3rs, and even geohot, You now see the difference between ethical and unethical hacking: hacking with the intent of making a software better by finding bugs and notifying the authors of the software of said bugs and proof of concept to make them better...

.. versus hacking for pure unadulterated exploitation.

Everyone needs to be sure to not lump one side of this in with the other.

BL.

 

[nt5672]

BTW, I think that this jailbreak is excellent and it should reflect directly on Apple. Security won't improve until people get fed up with the jailbreaks and loss of bank accounts, and demand action.

 

[casperes1996]

If this is in fact true, then we have no one to blame except for Apple. They are the ones that have the closed garden with no way for users to protect themselves and no way for outsiders to know if the security works or not.

Now I am not advocating installing any app, but if iOS was created in a way to verify what is stored on it, then each user could also assume some responsibility for the device's security. For example, where is the button that runs some ROM (unmodifiable) code that checksums each executable and compares it with the app store? Today this is a commodity function that could be in hardware. Prevention is important, but not as important as monitoring and exposure.

Since apple has control of the hardware they certainly can make the device secure, if they want to. But instead they opted for flash memory which is easier to bug fix, when you don't take the time to get your code correct, but harder to protect the user since the code can be changed very easily.

And please don't say I don't know what I am taking about, I had complex real time embedded code running in hospitals for over 20 years with only one bug found and it was not a security bug. At one time, people did take the time to engineer software systems. Today, the goal is not security, it is to make the next marketing deadline and people seem to be fine with that. What people want they usually get.

I'd like to know what you'd use instead of flash memory? I agree that having some things on Read Only Media is a good idea, but they obviously can't solely use that, so what instead of flash? Besides, with a password encrypted device, the entire disk is encrypted with AES 256. iOS is really very secure compared to the competition, not to say it's bulletproof. Nothing is. Besides, the software you've been running hasn't been subject to a $1 million hacking contest, I'm sure. There may be many security holes you are unaware of, because nobody's tried to exploit them.