Google Security Researcher Shares Details on 'tfp0' iOS 11.1.2 Exploit That Could Lead to Future Jailbreak

[MacRumors]

Google security researcher Ian Beer, who works for the Project Zero team, last week highlighted an iOS 11.1.2 exploit called "tfp0," which he believes could be the basis for a future iOS 11.1.2 jailbreak.

Today, Beer released the exploit to the public. He says it should work on all iOS devices running iOS 11.1.2 or below, though he only personally tested iPhone 7, iPhone 6s, and a sixth-generation iPod touch.

What Beer released is not a full iOS 11 jailbreak as some had hoped, but what he's shared could potentially be used to create a jailbreak in the future.

tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy - Ian Beer (@i41nbeer) December 11, 2017

iOS 11.1.2 is no longer the current version of iOS as Apple released iOS 11.2 on December 2, but Apple is still signing iOS 11.1.2 at this time. Apple will likely stop signing the older update in the near future, and its end could come sooner now that further information on the tfp0 exploit has been released.

Jailbreaking iOS devices has dwindled in popularity in recent years, which has led two major Cydia repositories to close. Both ModMy and ZodTTD/MacCiti, which provided apps, themes, tweaks, and more for jailbroken iOS devices, shut down in November. For the time being, iOS 11 continues to be the only major version of iOS that has not been jailbroken.

Article Link: Google Security Researcher Shares Details on 'tfp0' iOS 11.1.2 Exploit That Could Lead to Future Jailbreak

 

[moabal]

I am a big fan of jailbreaks. However, who really needs it anymore?

 

[Morgenland]

A simple question (I'm not a lawyer):
Is publishing an exploit a white-collar crime when Google (competitor) employs this "research man"?

 

[6803390]

A simple question (I'm not a lawyer):
Is publishing an exploit a white-collar crime when Google (competitor) employs this "research man"?

If you knew the definition then you would not be asking that question. IMO it’s a No.

 

[TMRJIJ]

Well, they do need more ideas to get from the jailbreaking community...

 

[Aluminum213]

Apple loves the jail breaking community, that’s where they get all future update ideas

 

[Mr_Brightside_@]

All I need is Activator and hosts file ad blocking.

 

[pat500000]

Jb is behind for awhile now.

 

[genovelle]

If you knew the definition then you would not be asking that question. IMO it’s a No.

In that case, Apple should return the favor. And since Google’s software is attacked on the regular Apple should also provide an active page to stream every exploit

 

[Westside guy]

I am a big fan of jailbreaks. However, who really needs it anymore?

Since jailbreaking is a heck of a lot more than installing unapproved apps, I'd say the answer is "anyone who wants to customize their iOS experience."

When this question came up a week or two ago, here's what I posted:

For me, Jailbreaking has always been about additional customization. FlipControlCenter, for instance, lets you add different toggles to the pre-iOS 11 Control Center (so you could, for instance, have a Personal Hotspot toggle), have multiple scrollable groups of toggles, select which toggles could and could not be used from the lock screen, etc. It is far superior to the iOS 11 “solution” that Apple came up with.

FlipControlCenter, 3G Unrestrictor, Protect My Privacy, etc... These customizations are so far beyond what Apple allows... and are not available via side loading. As another poster said, it’s not really about apps.

However given the seriousness of some recent iOS security flaws, combined with the amount of sensitive info now accessible from my phone... it just doesn’t make sense to stay on an older, jailbreakable version of iOS. I have an original iPad mini which is still jailbroken - there are one or two non-approved apps I occasionally use. But that device is basically isolated from the rest of my Apple gear, and does not have any personal account apps (e.g. banking) on it.

 

[maknik]

I am a big fan of jailbreaks. However, who really needs it anymore?

I've been holding on to my 9.1 jailbreak for years now, wondering whether the few minor tweaks I have are really worth it. Then I discovered NGXPlay, which allows me to run *any* app in CarPlay, and it was like the good old days all over again. Being able to run Google Maps on my car screen is not just a vast improvement over Apple Maps, it's also a safety boon, since I've often been forced to resort to the iPhone's little screen while driving whenever Apple Maps (so often) screws something up. And like the good old days of jailbreak, along with the relief comes the usual disgust at Apple intentionally preventing simple things (like Google Maps) for the sake of stupid corporate competition.

 

[Hastings101]

Is jailbreak worth being stuck on a buggy 11.1.2 though

 

[dmx]

11.1.2 is good enough for me on my iPhone X. On older phones.- I'm not so sure. I've already downgraded.

To MacRumors staff - this is big news, and deserves to be on the front page.
[doublepost=1513044363][/doublepost]

I am a big fan of jailbreaks. However, who really needs it anymore?

There are some cool things I will jailbreak for that apple doesn't allow. For example, picture in picture - being able to keep a video stream from one app running in a small window while using another app. Thats enough for me.

 

[fairuz]

Is jailbreak worth being stuck on a buggy 11.1.2 though

And buggy jailbreak tweaks. It was a lot nicer in the beginning, when everything was better supported, but I understand how it becomes harder over time.

 

[vertsix]

why jailbreak? well you can do cool stuff like

among many, many other things

 

[hunter.cortez]

Can jailbreaking add Touch ID to iPhone X?

 

[FelixDerKater]

Is Jailbreaking really that much of a concern to them at this point?

 

[canadianreader]

All I need is Activator and hosts file ad blocking.

You can at the router level (wifi only)

 

[Westside guy]

I've been holding on to my 9.1 jailbreak for years now, wondering whether the few minor tweaks I have are really worth it.

I have an original iPad Mini that's still jailbroken on 8.4.1. iOS 9 didn't really add enough to make updating worthwhile, especially given the hit iOS 9 apparently puts on A5 hardware.

 

[ross1998]

I'm looking forward to a jailbreak for 11.1.2. Need that adblock and activator. Safari Downloader is also nice to have.

Also to the comments towards the top. Google's project zero gives apple 90 days to patch the bug before publicly releasing.

 

[x-evil-x]

How do you go back to older software?

 

[mabaker]

I am a big fan of jailbreaks. However, who really needs it anymore?

People who value a functioning notification system.

 

[kdarling]

A simple question (I'm not a lawyer):
Is publishing an exploit a white-collar crime when Google (competitor) employs this "research man"?

No. It's considered part of the widely accepted "responsible disclosure" doctrine.

Bugs found by the Project Zero team are reported to the manufacturer and only made publicly visible once a patch has been released, or if 90 days have passed without a patch being released.

As for this bug, Apple fixed it in iOS 11.2 and in various MacOS updates.

https://support.apple.com/en-us/HT208334

Interestingly, some here will remember that the very first 1.0.1 iPhone update back in July 2007 was assumed to have been rushed out in order to beat an exploit exposure deadline:

https://www.computerworld.com/artic...ates-iphone--beats-researchers--deadline.html

 

[blackcrayon]

Updated all of my older iPads to 11.1.2 in preparation while it's still being signed. Don't see the need to jailbreak my primary stuff anymore, but older stuff? Makes it easier to run emulators or have them behave in "unofficial" but useful ways (and where stability isn't paramount).

 

[kdarling]

In that case, Apple should return the favor.

Project Zero helps Google's competitors make their products more secure.

Do you think that is also an Apple goal?