"Nevertheless, since it's an unpatchable issue, it's a security risk that iOS users should be aware of, and an incentive to upgrade to newer handsets."

Apple released it to force upgrades to a new iPhone! :)
 
This is great, it means people who want to do crazy things with their older iOS devices can jailbreak them to do so.

There's really no real world security threat; you have to go out of your way to do a bootrom exploit.

This is a real world security threat.

The exploit demonstrates a USB string descriptor exploit that leads to a ROP chain and it looks like arbitrary code running on the iPhone.

In all likelihood this is what security companies were using to hack iPhone PIN codes, so yeah, it is a security problem.
 
It's a bootrom exploit. Nobody will be installing anything on your phone... Unless you hand it to them and they DFU in to your phone and run the JB.... But at that point I think you have bigger problems.
Have you (n)ever travelled across US borders? Quite common that you get separated from your gadgets for a couple of minutes there in the screening process...
 
This is the best news I've heard in a while. I can make some more use out of the stack of older devices I have sitting around

Have you (n)ever travelled across US borders? Quite common that you get separated from your gadgets for a couple of minutes there in the screening process...

When? Never have I needed to submit my devices to CBP. They stay in my bag or in my pocket depending on my method of travel
 
Sweet! So maybe someone will come out with an untethered downgrade for my 1st gen iPad mini? That thing is practically useless on iOS 9. I can get the apps I want on it for iOS 6. But right now, I cannot get that performance back. I don’t really care about jail breaking, but I do care about downgrading!
 
Meh, nothing to worry about.

If this could be done on someone else’s iPhone without their knowledge, then that would be a massive security hole. As is it poses no threat to anyone and is more of a curiosity people can play around with.

The “unpatchable” part is misleading. Apple can’t patch a device that’s had this performed, but they sure can make changes to iOS to prevent this from working in the future.
This is a bootROM exploit. Every iPhone ever manufactured excluding the iPhone XS and 11 series will always be vulnerable to this exploit regardless of any iOS updates. There is no patch.
 
Once the data is copied off the phone can't you brute force it without fear of being locked out? What's the encryption like?

You can read through the details yourself if you want: https://www.apple.com/business/docs/site/iOS_Security_Guide.pdf

The NAND itself is encrypted with AES 256. The passcode is the weak point, but to generate the AES 256 key from the passcode, you need the passcode and the unique AES 256 key burned into the Secure Enclave on the SOC. The passcode is run through PBKDF2 and then tangled with the AES 256 key in a one-way operation.

So dumping the flash raw means you face AES 256 at full strength, even if you know the passcode, because you also need the AES 256 key from the SOC to be able to recreate the key yourself if you aren't just brute forcing AES.

The fastest way to crack an iPhone is to brute force the passcode and bypass the lockout on attempts if you can. It also gives you the most access to the content.

Individual containers/files can be encrypted with separate keys based on the level of access the OS should have in different states of lock/unlock, on top of the NAND encryption. So if you dump the flash unencrypted, you then also need to crack the containers for things like email and messages which are also AES 256 encryption. All the more reason to focus even more on the passcode and attempt lockout mechanisms.
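The derivation described in this post, as an added toy model (not code from the thread, from Apple, or from the security guide linked above): the passcode goes through PBKDF2, the result is tangled with a per-device key that never leaves the SoC, and the resulting class key wraps the per-file keys. HMAC-SHA256 stands in for the real one-way tangling and for AES key wrapping, the iteration count is an assumed value, and the `PasscodeGate` class is an assumed stand-in for the on-device attempt limit. The point it demonstrates is the one the post makes: a raw flash dump, even with the right passcode, is useless off-device without the UID key, so the practical pressure lands on the passcode and the attempt lockout.

```python
import hashlib
import hmac
import os

# Assumed iteration count for illustration; real devices calibrate it to a time budget.
PBKDF2_ITERATIONS = 20_000
TAG_LEN = 32  # SHA-256 digest length, used as the authentication tag size


def derive_passcode_key(passcode: str, salt: bytes) -> bytes:
    """PBKDF2 step over the user passcode. Needs no device secret, so it can run anywhere."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, PBKDF2_ITERATIONS, dklen=32)


def tangle_with_uid(passcode_key: bytes, uid_key: bytes) -> bytes:
    """One-way mix with the device-unique key burned into the SoC (HMAC stands in here).
    Only code running on that SoC can do this step, because the UID key never leaves it."""
    return hmac.new(uid_key, passcode_key, hashlib.sha256).digest()


def derive_class_key(passcode: str, salt: bytes, uid_key: bytes) -> bytes:
    """Full derivation as the post describes it: PBKDF2, then tangling with the UID key."""
    return tangle_with_uid(derive_passcode_key(passcode, salt), uid_key)


def seal(key: bytes, data: bytes) -> bytes:
    """Toy authenticated wrap standing in for AES key wrapping: HMAC tag + XOR keystream."""
    stream = hmac.new(key, b"keystream", hashlib.sha256).digest()
    if len(data) > len(stream):
        raise ValueError("toy wrap handles at most 32 bytes")
    tag = hmac.new(key, data, hashlib.sha256).digest()
    return tag + bytes(a ^ b for a, b in zip(data, stream))


def unseal(key: bytes, blob: bytes):
    """Reverse of seal(); returns None when the key is wrong (tag does not verify)."""
    tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
    stream = hmac.new(key, b"keystream", hashlib.sha256).digest()
    data = bytes(a ^ b for a, b in zip(body, stream))
    if not hmac.compare_digest(tag, hmac.new(key, data, hashlib.sha256).digest()):
        return None
    return data


class PasscodeGate:
    """Models the on-device attempt limit the post says an attacker must bypass.
    Once max_attempts wrong guesses have been made, further guesses are refused outright."""

    def __init__(self, passcode: str, salt: bytes, uid_key: bytes, max_attempts: int = 10):
        self._expected = derive_class_key(passcode, salt, uid_key)
        self._salt, self._uid_key = salt, uid_key
        self.max_attempts, self.attempts, self.locked = max_attempts, 0, False

    def try_passcode(self, guess: str):
        """Returns the class key on success, None on a wrong guess or when locked."""
        if self.locked:
            return None
        self.attempts += 1
        candidate = derive_class_key(guess, self._salt, self._uid_key)
        if hmac.compare_digest(candidate, self._expected):
            self.attempts = 0
            return candidate
        if self.attempts >= self.max_attempts:
            self.locked = True
        return None


def flash_dump_scenario():
    """Raw flash copied off the phone: the holder has salt + wrapped key, even the passcode,
    but not the UID key. Returns (offline_unwrap_failed, on_device_unwrap_worked)."""
    uid_key = os.urandom(32)          # constructed: exists only inside the SoC
    salt = os.urandom(16)             # constructed: stored in flash
    passcode = "2580"                 # constructed sample passcode
    file_key = os.urandom(32)         # constructed per-file key protected by the class key
    wrapped = seal(derive_class_key(passcode, salt, uid_key), file_key)

    guessed_uid = os.urandom(32)      # off-device there is nothing to do but guess all 256 bits
    offline = unseal(derive_class_key(passcode, salt, guessed_uid), wrapped)
    on_device = unseal(derive_class_key(passcode, salt, uid_key), wrapped)
    return offline is None, on_device == file_key


if __name__ == "__main__":
    print(flash_dump_scenario())  # (True, True)
```

Both halves of the post's argument show up in `flash_dump_scenario()`: the offline unwrap fails because the UID key is missing from the dump, while the same passcode succeeds on-device. `PasscodeGate` is where the real defence sits, which is why the post singles out the lockout as the thing an attacker has to get around.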

This is a bootROM exploit. Every iPhone ever manufactured excluding the iPhone XS and 11 series will always be vulnerable to this exploit regardless of any iOS updates. There is no patch.

Apple still manufactures the iPhone 8 and 3rd Gen Air. I wouldn't be surprised if we see manufacturing runs of those that include the patched boot ROM.
 
Is there anything exciting going on in the jailbreaking community anymore? Aside from using Apps you don't pay for, is there a reason to jailbreak anymore?
Yes. I have a dash/console integrated iPad Mini 2 in my 1981 DeLorean. It is connected via lightning cable to a Sony headunit installed in a cubby behind the seat. By using Sony's AppRemote app, I can control all stereo functions from the iPad itself. With the iPad being jailbroken, I can enable even more functionality---for example, I have Activator installed to automatically unlock the iPad when the iPad receives power (in other words, the key gets turned and the iPad gets unlocked). I also have it set to open the AppRemote software immediately after being unlocked. Little tweaks like this are nice to have and can only be obtained for me via jailbreaking.
 
No, this is very much something to worry about. The potential for this to be exploited by thieves or state-level actors is immense.

All it takes is someone with a momentary lapse of sense and plugging into the innocent looking USB charger at the airport in China, and now the red army is looking through all of your human rights activism.

This is actually a big flippin' deal and should never have been released.
Did you miss the part where the device has to be put into DFU mode? You think people plugging their devices into charging ports at airports are also in the habit of activating DFU mode?


This is a bootROM exploit. Every iPhone ever manufactured excluding the iPhone XS and 11 series will always be vulnerable to this exploit regardless of any iOS updates. There is no patch.
It’s not software-based.
Curious, do you think the Lightning port has a direct connection to the ROM?
 
Honestly neat to hear and will be nice to have some additional services / software options for my older devices in my collection.

Maybe jailbreak devs will activate Nite Mode and the more advanced computational HDR of the newer camera app onto the X and older devices. ;)

Pipe dream
 
I understood that the boot ROM was, well, ROM i.e. you can't write to it. The iOS security guide says it's baked into the processor during production and is immutable, with the boot ROM verifying the bootloader and not allowing the device to boot unless the bootloader is signed by Apple:
When an iOS device is turned on, its application processor immediately executes code from read-only memory known as Boot ROM. This immutable code, known as the hardware root of trust, is laid down during chip fabrication, and is implicitly trusted. The Boot ROM code contains the Apple Root CA public key, which is used to verify that the iBoot bootloader is signed by Apple before allowing it to load. This is the first step in the chain of trust where each step ensures that the next is signed by Apple. When the iBoot finishes its tasks, it verifies and runs the iOS kernel. For devices with an A9 or earlier A-series processor, an additional Low-Level Bootloader (LLB) stage is loaded and verified by the Boot ROM and in turn loads and verifies iBoot.
So, where exactly is his code going?
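The chain of trust quoted from the security guide, as an added toy model (not Apple's code and not the thread's): the immutable Boot ROM holds the trusted key, each stage verifies the next before handing over control, and an LLB stage sits between Boot ROM and iBoot on A9-and-earlier chips. HMAC-SHA256 stands in for the RSA signature check the real Boot ROM does with the Apple Root CA public key, and the stage names, image contents and signing key are constructed for illustration. What the model makes visible is the answer to the question above: every link in the chain is checked by the link before it, but nothing precedes the Boot ROM, so its own code is never verified and cannot be replaced by an iOS update; the code it runs is immutable, but the data it processes (such as the USB descriptors mentioned earlier in the thread) lives in RAM like any other program's.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumed for illustration: one HMAC key plays both the role of Apple's signing key and
# of the "Apple Root CA public key" embedded in the Boot ROM. A real Boot ROM holds only
# the public half of an RSA key pair and checks a signature with it.


@dataclass(frozen=True)
class Image:
    name: str       # stage name, e.g. "LLB", "iBoot", "kernel"
    code: bytes
    signature: bytes


def sign_image(signing_key: bytes, name: str, code: bytes) -> Image:
    """Build a signed stage image (models Apple signing a bootloader at the factory)."""
    sig = hmac.new(signing_key, name.encode() + b"\0" + code, hashlib.sha256).digest()
    return Image(name, code, sig)


def verify_image(trusted_key: bytes, image: Image) -> bool:
    """The check each stage performs on the next one before executing it."""
    expected = hmac.new(trusted_key, image.name.encode() + b"\0" + image.code,
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, image.signature)


def boot(root_key: bytes, stages: list) -> list:
    """Walk the chain starting from the immutable Boot ROM and return a log of what ran.

    The Boot ROM is stage zero and is verified by nothing: there is no earlier link.
    The trusted key it carries is handed down so each stage can verify the next."""
    log = ["BootROM (immutable, trusts root key)"]
    for image in stages:
        if not verify_image(root_key, image):
            log.append(f"HALT: {image.name} is not signed by the trusted key")
            return log
        log.append(f"run {image.name}")
    return log


def demo():
    """Constructed A9-style chain (LLB present) booted twice: intact, then with a tampered iBoot."""
    root_key = b"constructed-signing-key-placeholder"  # constructed placeholder secret
    llb = sign_image(root_key, "LLB", b"low level bootloader code")
    iboot = sign_image(root_key, "iBoot", b"iboot code")
    kernel = sign_image(root_key, "kernel", b"xnu kernel image")
    clean = boot(root_key, [llb, iboot, kernel])

    # Same signature, modified code: the stage before iBoot refuses to run it.
    patched_iboot = Image("iBoot", b"iboot code with a tweak", iboot.signature)
    tampered = boot(root_key, [llb, patched_iboot, kernel])
    return clean, tampered


if __name__ == "__main__":
    for line in demo()[1]:
        print(line)
```

The tampered run halts at iBoot and the kernel never starts, which is the guarantee the guide describes. Note what the model cannot check: the first line of the log is asserted, not verified, because the Boot ROM is the root of the chain rather than a link in it.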
 
This is a real world security threat.

The exploit demonstrates a USB string descriptor exploit that leads to a ROP chain and it looks like arbitrary code running on the iPhone.

In all likelihood this is what security companies were using to hack iPhone PIN codes, so yeah, it is a security problem.
So in other words 99.9% of people have nothing to worry about. Don't these security companies charge thousands of dollars for those services? No one is paying thousands of dollars to break into John Smith's iPhone. Person of importance/intelligence? That's another story.
 
Yes. I have a dash/console integrated iPad Mini 2 in my 1981 DeLorean.
Nice! My father-in-law had a DeLorean when he was alive. Bosch electrics were a regular nightmare but it was a fun ride. I couldn’t get enough of the gull wing doors. :)
 
Perhaps it's another reason to upgrade often to the latest phones, or maybe there is a sweet spot for those wanting to save money to upgrade to a "one year old" iPhone instead of hanging on too long to the older model iPhones.
 
Perhaps it's another reason to upgrade often to the latest phones, or maybe there is a sweet spot for those wanting to save money to upgrade to a "one year old" iPhone instead of hanging on too long to the older model iPhones.

Or maybe Apple should review their code a bit more often since apparently it's an 8 year old exploit (dates back to the 4S). I doubt it's good marketing that you need to upgrade to a new $1000 phone every year because the previous one has security leaks.
 
Or maybe Apple should review their code a bit more often since apparently it's an 8 year old exploit (dates back to the 4S). I doubt it's good marketing that you need to upgrade to a new $1000 phone every year because the previous one has security leaks.
Yes the most secure consumer-grade phones in the world (that not even the FBI could hack into without a lot of help) and they need to “review their code more often”. Do you know how hard it is to write code? Or how many millions of lines of code go into these devices?
Every. Single. Device. Has. Security. Flaws.
 
Did you miss the part where the device has to be put into DFU mode? You think people plugging their devices into charging ports at airports are also in the habit of activating DFU mode?

Curious, do you think the Lightning port has a direct connection to the ROM?

If you lost your iPhone, how are you going to prevent the thief from going into dfu mode?
 