A jailbreak has finally emerged for iOS 6, covering the latest release of the mobile operating system and the iPhone 5, whilst Apple has released a security update for another one of its major products. Mac OS X.
Hackers have been working hard to open Apple’s walled-off iOS to run non-approved software, but, until this week, to no avail. Security experts said that iPhone users are not in danger of having their phones jailbroken when they aren’t looking: it requires an iOS device to be both unlocked and connected via USB to a PC. There is, however, a possibility that malware from a PC could conceivably jailbreak a connected phone and do nasty things.
A new tool called “evasi0n” does the nitty gritty of the jailbreak. “All of the stages use functionality on the phone exposed by MobileBackup, the daemon used to backup user data from the device, and restore backups back to the device,” explained security company Accuvant Labs, in a blog post.
“Since backups are created by the user’s device, and must be interchangeable between devices, they cannot be easily cryptographically signed, so they are essentially untrusted data.
“Evasi0n is interesting because it escalates privileges and has full access to the system partition all without any memory corruption.”
The creators of the tool recommended users backup their device using iTunes or iCloud, before running evasi0n. Users who want the jailbreak have to disable the lock passcode of their OS device. The whole process should only take five minutes and is currently compatible with Windows XP and upwards, Mac OS X 10.5 and upwards and Linux systems.
Given how quickly Apple has moved in the past to shut off jailbreak functionality, keen users might want to get moving now.
Meanwhile, Apple has addressed three flaws in the server platform it distributes with Mac OS X. All three could have allowed a remote attacker to execute code on a target system.
Two of the flaws related to an issue in how Ruby on Rails handled XML parameters, Apple said in its advisory. Another related to a problem with Ruby on Rails’ handling of JSON (JavaScript Object Notation) data.
How well do you know Apple? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
This is because Evasi0n is too clever... come on; redsnow, green posion, black rain and even jayfreeman (saurik) helped or supported the evasion team...