The constant war to jailbreak and patch iOS has taken another step in favor of the jailbreakers. Georgia Tech researchers have found a way to jailbreak the current version of iOS.
The Georgia Tech Information Security Center has a track record in jailbreaking iOS, and this gives it an edge in breaking the latest version. Each time a way into iOS is found, Apple patches the operating system, but the patches are quick workarounds aimed at stopping the specific exploit rather than the underlying weakness, so taken together they don't necessarily keep out a determined attacker.
What the Georgia Tech team, including Yeongjin Jang, Byoungyoung Lee, Tielei Wang and Billy Lau, has discovered is a way to break in by a multi-step attack. After analysing the patches put in place to stop previous attacks, the team worked out a sequence that would jailbreak any modern iPhone. The team stresses the importance of patching all of the threats, not just closing one vulnerability and assuming that doing so renders the others unusable as an attack method.
The details are to be revealed at the forthcoming Black Hat USA (August 6 & 7 Las Vegas) in a session titled Exploiting Unpatched iOS Vulnerabilities for Fun and Profit:
"Patching all vulnerabilities for a modern, complex software system (i.e., Windows, iOS) is often difficult due to the volume of bugs and response time requirements. Instead, software vendors usually devise quick workarounds to mitigate the exploitation of a given vulnerability. However, those patches are sometimes incomplete, and attackers can utilize different attack vectors to re-exploit a patched vulnerability. iOS is no exception."
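The pattern the team warns about, and the abstract describes, shown as an added example that is not code from the Georgia Tech team, the Black Hat talk or Apple: a toy sandbox path check in C. The allowed root, the path strings and the filter are all constructed for illustration, and nothing here is an iOS vulnerability. The first version carries the bug, the second adds the kind of quick workaround the abstract describes (a filter for the exact string that was reported), and the third fixes the root cause so that every spelling of the traversal is reduced to the same path before the decision is made.

```c
/* Added example (constructed, not from the Georgia Tech team or Apple): a toy
 * model of an incomplete patch. A sandbox rule allows an app to open files
 * only below ALLOWED_ROOT; the root, the paths and the rule are assumptions. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>

#define ALLOWED_ROOT "/var/mobile/"
#define PATH_MAX_LEN 256

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Percent-decode `in` into `out`. Returns 0 on success, -1 on bad input. */
static int percent_decode(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        int c = (unsigned char)in[i];
        if (c == '%') {
            int hi = in[i + 1] ? hexval((unsigned char)in[i + 1]) : -1;
            int lo = (hi >= 0 && in[i + 2]) ? hexval((unsigned char)in[i + 2]) : -1;
            if (hi < 0 || lo < 0) return -1;
            c = hi * 16 + lo;
            i += 2;
        }
        if (o + 1 >= outlen) return -1;
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return 0;
}

/* Lexically resolve "." and ".." in an absolute path (no trailing slash in
 * the result). Returns 0 on success, -1 on a relative or over-long path. */
static int canonicalize(const char *in, char *out, size_t outlen)
{
    const char *segs[64]; size_t lens[64]; int n = 0;
    if (in[0] != '/') return -1;
    for (const char *p = in; *p; ) {
        while (*p == '/') p++;
        if (!*p) break;
        const char *start = p;
        while (*p && *p != '/') p++;
        size_t len = (size_t)(p - start);
        if (len == 1 && start[0] == '.') continue;
        if (len == 2 && start[0] == '.' && start[1] == '.') {
            if (n > 0) n--;            /* "/.." at the root stays at the root */
            continue;
        }
        if (n == 64) return -1;
        segs[n] = start; lens[n] = len; n++;
    }
    if (n == 0) { if (outlen < 2) return -1; strcpy(out, "/"); return 0; }
    size_t o = 0;
    for (int i = 0; i < n; i++) {
        if (o + 1 + lens[i] + 1 > outlen) return -1;
        out[o++] = '/';
        memcpy(out + o, segs[i], lens[i]);
        o += lens[i];
    }
    out[o] = '\0';
    return 0;
}

/* Original, buggy check: decode, then compare the prefix. Returns 1 if the
 * open is allowed. "/var/mobile/../../etc/passwd" passes because ".." is
 * never resolved before the comparison. */
int check_original(const char *raw)
{
    char dec[PATH_MAX_LEN];
    if (percent_decode(raw, dec, sizeof dec) != 0) return 0;
    return strncmp(dec, ALLOWED_ROOT, strlen(ALLOWED_ROOT)) == 0;
}

/* Quick workaround for the reported exploit: refuse any request containing
 * "../" as received. The reported string is blocked, but the filter runs
 * before decoding, so "%2e%2e/" reaches the same unchanged check. */
int check_workaround(const char *raw)
{
    if (strstr(raw, "../") != NULL) return 0;
    return check_original(raw);
}

/* Root-cause fix: decide on the canonical form of the decoded path. */
int check_rootcause(const char *raw)
{
    char dec[PATH_MAX_LEN], canon[PATH_MAX_LEN];
    if (percent_decode(raw, dec, sizeof dec) != 0) return 0;
    if (canonicalize(dec, canon, sizeof canon) != 0) return 0;
    return strncmp(canon, ALLOWED_ROOT, strlen(ALLOWED_ROOT)) == 0;
}

int main(void)
{
    const char *reported = "/var/mobile/../../etc/passwd";         /* first exploit */
    const char *variant  = "/var/mobile/%2e%2e/%2e%2e/etc/passwd"; /* same bug, new vector */
    const char *benign   = "/var/mobile/Media/photo.jpg";
    printf("original  : reported=%d variant=%d benign=%d\n",
           check_original(reported), check_original(variant), check_original(benign));
    printf("workaround: reported=%d variant=%d benign=%d\n",
           check_workaround(reported), check_workaround(variant), check_workaround(benign));
    printf("root cause: reported=%d variant=%d benign=%d\n",
           check_rootcause(reported), check_rootcause(variant), check_rootcause(benign));
    return 0;
}
```

The workaround closes the one report and nothing else: the variant with the same two `..` segments spelled as `%2e%2e` still opens `/etc/passwd`. Only the version that canonicalizes after decoding rejects both while still allowing the benign path, which is the difference between patching a symptom and patching the bug.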
It is claimed that the hack works on any device running iOS 7.1.2, including the iPhone 5s.
It is worth noting that the Device Freedom Prize for an open source jailbreak of iOS 7 is still unclaimed and stands at just over $30,000.
It is unlikely that the jailbreak will remain operational for long as Apple will certainly be preparing patches for it. iOS 8 is in beta and iPhone 6 is rumored to be launched in October.