A jailbreak has finally emerged for iOS 6, covering the latest release of the mobile operating system and the iPhone 5, whilst Apple has released a security update for another one of its major products. Mac OS X.
Hackers have been working hard to open Apple’s walled-off iOS to run non-approved software, but, until this week, to no avail. Security experts said that iPhone users are not in danger of having their phones jailbroken when they aren’t looking: it requires an iOS device to be both unlocked and connected via USB to a PC. There is, however, a possibility that malware from a PC could conceivably jailbreak a connected phone and do nasty things.
A new tool called “evasi0n” does the nitty gritty of the jailbreak. “All of the stages use functionality on the phone exposed by MobileBackup, the daemon used to backup user data from the device, and restore backups back to the device,” explained security company Accuvant Labs, in a blog post.
“Since backups are created by the user’s device, and must be interchangeable between devices, they cannot be easily cryptographically signed, so they are essentially untrusted data.
“Evasi0n is interesting because it escalates privileges and has full access to the system partition all without any memory corruption.”
The creators of the tool recommended users backup their device using iTunes or iCloud, before running evasi0n. Users who want the jailbreak have to disable the lock passcode of their OS device. The whole process should only take five minutes and is currently compatible with Windows XP and upwards, Mac OS X 10.5 and upwards and Linux systems.
Given how quickly Apple has moved in the past to shut off jailbreak functionality, keen users might want to get moving now.
Meanwhile, Apple has addressed three flaws in the server platform it distributes with Mac OS X. All three could have allowed a remote attacker to execute code on a target system.
Two of the flaws related to an issue in how Ruby on Rails handled XML parameters, Apple said in its advisory. Another related to a problem with Ruby on Rails’ handling of JSON (JavaScript Object Notation) data.
How well do you know Apple? Try our quiz!
British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…
Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…
Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…
Financial regulator asks New York judge to impose $5.3 billion in fines against Terraform Labs…
Lightweight artificial intelligence model launched this week by Microsoft, offering more cost-effective option for Azure…
ByteDance protest falls on deaf ears, as Senate passes TikTok ban or divest bill, with…
View Comments
This is because Evasi0n is too clever... come on; redsnow, green posion, black rain and even jayfreeman (saurik) helped or supported the evasion team...