'Jailbreak' for iPhones wins $1m bounty

Computer exploit merchant Zerodium says it paid research team that worked out how to ‘jailbreak’ latest version of Apple’s mobile operating system, iOS 9.1.

Computer exploit merchant Zerodium says it has paid out $1m to an un-named team of researchers for their method to “jailbreak” the latest version of Apple’s mobile operating system, iOS 9.1.

“Jailbreaking” refers to the practice of breaking the restrictions placed on iPhones and iPads by Apple, in order to use the devices in ways not intended by the original manufacturer. That can include installing pirated software, deleting default apps, or using programmes banned from the App Store by the California company.

But the practice also removes the security protections built into iOS by default, and so tools to jailbreak iPhones are also popular amongst groups that seek to install spyware on mobile devices – such as law enforcement and criminal enterprises.

Zerodium was founded in July 2015 to trade in exploits for software, security weaknesses which allow hackers and other malicious actors to break into devices. While security researchers often inform device manufacturers when they have discovered a vulnerability (sometimes in exchange for a bug bounty, a payment from the manufacturer for their work), a vulnerability which the manufacturer doesn’t know about and hasn’t had time to fix, called a 0-day bug, is often worth considerably more to people with a professional desire to hack into computers.

The founder of Zerodium, Chaouki Bekrar, previously acted as a middleman in such trades with his company VUPEN. Zerodium is a higher-profile entry into the same business, and it launched with a bang, offering a $1m bounty for anyone who was able to carry out a remote, browser-based, “untethered” jailbreak on iOS 9.1, the latest version of iOS.

The requirements for claiming the bug bounty mean that versions of the hack, which require the phone to be plugged in to a computer, or which are undone when the phone is restarted, did not qualify. Instead, the jailbreak can be applied simply by navigating to a webpage.

While news of the jailbreak will please users who want to update their phone to the latest version of Apple’s operating system without losing the ability to install whatever they want, it will also please Zerodium’s likely intended buyers for the hack: national security agencies.

In practice, the jailbreak is a chain of severe vulnerabilities in the operating system, each of which feeds into the next until ultimately, the remotely deployed code has made changes to the deepest levels of the phone’s programming. Though those vulnerabilities mean that it is easy to willingly jailbreak the phone, they also mean that there is little protection against a determined attacker jailbreaking the phone and then installing further software on it to monitor the user.

Zerodium also says the jailbreak affects the beta version of iOS 9.2, expected to be released shortly. But it seems unlikely to stick around for long after that, and Apple will already be working around the clock to identify and fix the holes.

Contributor

Alex Hern

The GuardianTramp

Related Content

Article image
Your iPhone's password demands aren't just annoying. They're a security flaw
A developer has warned it is possible to create a phishing attack based on a fake sign-in request for Apple ID credentials

Alex Hern

12, Oct, 2017 @11:17 AM

Article image
Apple fixes HomeKit bug that allowed remote unlocking of users' doors
Security flaw in latest iPhone and iPad iOS 11.2 software meant hackers could potentially gain remote control of lights, cameras and locks in smart homes

Samuel Gibbs

08, Dec, 2017 @10:41 AM

Article image
Wi-Fi hack creates 'no iOS zone' that cripples iPhones and iPads
The only solution for users of Apple tech? Leave the affected area immediately

Alex Hern

22, Apr, 2015 @3:01 PM

Article image
iPhone text message bug can crash Apple Watch, iPad and Mac too
Bug in Apple’s Messages that allows anyone to crash someone’s iPhone with a text can also nuke an Apple Watch, iPad or Mac

Samuel Gibbs

28, May, 2015 @10:22 AM

Article image
iPhone text crash bug hits Twitter and Snapchat
Unfixed iOS bug allows booby-trapped messages to break Snapchat text chat and can be sent via Twitter direct messages or mentions

Samuel Gibbs

29, May, 2015 @10:38 AM

Article image
iPhone 6S security hole lets attackers access contacts and photos without passcode
Security hole allows attackers to quickly access personal information on a locked iPhone 6S or 6S Plus using Siri, Twitter and 3D Touch

Samuel Gibbs

05, Apr, 2016 @10:02 AM

Article image
iOS flaw lets hackers access iPhones using an iMessage
Users urged to update their iPhone, iPad, Mac, Apple TV and Apple Watch to prevent attackers taking over devices with malicious images

Samuel Gibbs

22, Jul, 2016 @9:00 AM

Article image
iOS update: Apple apologises for breaking new iPhones
An update to iOS 8 released on Wednesday left iPhone owners unable to make phone calls. By Alex Hern

Alex Hern

25, Sep, 2014 @10:17 AM

Article image
Take that, FBI: Apple goes all in on encryption
Apple’s newest encryption tool better secures files on all its devices, just the latest in a move to widespread encryption in the tech industry

Nathaniel Mott in New York

15, Jun, 2016 @10:42 AM

Article image
Apple faces lawsuit over storage space on iPhones and iPads
Firm failed to tell consumers that iOS 8 software could take up as much as 23.1% of advertised storage capacity, claims lawyer

Samuel Gibbs

02, Jan, 2015 @5:48 PM