A newly discovered vulnerability in iPhones allows users to bypass Apple’s built-in limitations – known as “jailbreaking” – on new devices for the first time in four years.
The release of a functional jailbreak for iOS 13.5, the latest version of the iPhone operating system, represents a breakthrough for the small community of users who rely on jailbreaks for everything from serious security research to simply running games and software that Apple does not allow on iPhones.
It also poses a security problem for the company, since the techniques are in effect the same ones used by malicious attackers to take over targets’ devices.
As a result, the pseudonymous developers who released the jailbreak have not gone into detail about the exact nature of the vulnerability they are exploiting.
Pwn20wnd, the iOS security researcher who discovered the flaw, admitted to Vice that Apple would fix it “sooner or later”.
“That’s just the nature of it,” they added. “It will most likely take them at least two or three weeks to release a patch. Even when they release a patch, users can downgrade to the previous iOS version for about two weeks usually, and after that the users should stay on their versions so that the jailbreak keeps working.”
Typically, iPhones contain a host of security measures that ensure that only software approved by Apple can be downloaded and installed on the devices. These measures serve a twin purpose: they help ensure the devices remain difficult to hack, and they give Apple control of the iOS economy.
But the company’s restrictive policies about what can be listed on the App Store have long led to demand from some users for ways to install software from other sources. The company does not allow apps that break the law, for instance, preventing gamers from installing “emulators” to play retro video games, and it imposes strict limits on what apps can do when running.
The first jailbreak was released in 2007, less than six months after the iPhone launched and pre-dating the App Store. Using a vulnerability in Safari, it allowed users to install their own programs.
The ability to bypass security limitations is also a powerful draw for malicious hackers, and many jailbreaks have been repurposed as malware, leading to a cat-and-mouse game between Apple’s security teams and the developers who try to get around their barriers.
In the past few years Apple has been on top, with extra hardware in newer iPhones making it extremely difficult for any code not approved by Apple to be installed.
Pwn20wnd told Vice they did not think their success represented a change to that status quo. Instead, iOS was “just a big target for attackers”, they said. “Apple is constantly adding more features to iOS that introduce new attack surfaces.”
Apple did not reply to a request for comment.
• This article was amended on 26 May 2020 to restore text lost in the editing process, which clarifies that the jailbreak is the first in four years to work “on new devices”. The headline and standfirst were also amended accordingly.