Apple Scrambles to Nuke Jailbreak, Fails Source Control 101

Apple has released an iOS 12.4.1 emergency patch, which has the sole purpose of closing a loophole used by jailbreak hackers. It turns out the issue is its own fault—caused by a source-code regression.

Yep, an old bugfix got un-fixed. That sure sounds like piss-poor source control.

Anyway, why shouldn’t we jailbreak our own property? In today’s SB Blogwatch, we revisit the days of yore.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Apple Eco Fail.


Apple Jail Fail

What’s the craic? Shaun Nichols reports—“Breaking news: Apple un-breaks break on jailbreak break”:

 [The] iOS 12.4.1 update contains a single fix: a patch to address CVE-2019-8605. The use-after-free vulnerability would let an application gain the ability to execute arbitrary code with system privileges.

This is not the first time Apple has had to patch CVE-2019-8605. The vulnerability was first addressed with the iOS 12.3 update in May of this year.

It seems Apple had unintentionally rolled back the 12.3 patch. … The re-exposure of the bug was embarrassing for Apple and potentially dangerous for end-users: The vulnerability could … have been targeted by criminals to install malware on iOS devices.

Apple also put out updates to address the same vulnerability in macOS and tvOS.

And Dan Goodin inspects the jailbreak angle—“iOS vulnerability that let you jailbreak your iPhone is once again dead”:

 Jailbreak enthusiasts—who like the freedom that such vulnerabilities permit—quickly capitalized on the Apple developer mistake by releasing exploits. … Jailbreaking phones allows users to do all kinds of things that aren’t normally possible, including installing unauthorized apps.

Over the years, publicly known jailbreaks have grown increasingly rare. The jailbreak discovered last weekend was all the more unusual because it was the result of a flaw Apple … had already fixed. That vulnerability … was originally found by Google researcher Ned Williamson.

Wait. Pause. Is jailbreaking still a Thing? Roland Moore-Colyer schools us—“Apple patches patch that unpatched a squashed jailbreak bug”:

 Some might argue that jailbreaking iPhones and iPads is a bit old-hat given iOS now has a lot more capabilities than it once had, and the App Store is hardly short of high-quality apps. But then some people like doing things for the hell of it, and the vulnerability could have been exploited by hackers that are more criminal than curious.

Apparently, it is a Thing. Paul Morris spreads FOMO—“How To Jailbreak Right Now While You Can”:

 In your excitement, you may have upgraded your iPhone or iPad to that latest release but it means that you have played into Apple’s hands and lost the ability to jailbreak. [There’s a] very small window of opportunity to get back to iOS 12.4 and jailbreak your device. … Thankfully, iOS 12.4 is still being signed by Apple, which means that there is a small window of opportunity to actually downgrade and re-jailbreak.

But James Ng suggests why you might not want to:

 Government agents, including customs officials … would love to “inspect” your phone. Or countries where you must install their app, which they will helpfully do for you.

A huge problem is while you can break out of the security jail, so can others for you, letting them do stuff you don’t necessarily want. And malicious apps could also secretly … embed all sorts of stuff.

If the internet has taught you anything, it’s that people cannot be trusted, and will get pwned way too easily.

And Andreas Ley lays down the law: [You’re fired—Ed.]

 Apple’s approach is the only reasonable one for the general population. … I write iOS software for a living, and even with complete access to the source code, I couldn’t reasonably evaluate my iPhone’s software – let alone the hardware. … The burden of making such a complex device secure simply can’t be put on the end user.

Every electronic device has countless security issues. Some of them are found, of which some are published, of which most are eventually fixed. … In that regard, Apple could and should do better.

So what about that code regression? This Anonymous Coward is distinctly unimpressed:

 It shows IOS source code is managed in a non-professional way. … I remember this issue (bugs in N-2, fixed in N-1, and still re-appearing in N) causing my company to dump the vendor entirely.

Perhaps it’s the principle of the thing? Thinking about liberty, caseih shrugged:

 [The] iPhone never belonged to us anyway. … I used to do the jail-breaking thing back during the early days of the first iphone and ipod. But it’s just not worth it. If you want a device you actually own, you’ll have to buy something other than an Apple.

Unfortunately Android is a bit of a wasteland also, with its own share of locked up phones. … Android phones suck generally but I like them better than iPhones.

For the unwashed masses, I can understand why Apple locks things down the way they do. It’s good for them, but it’s also good for their customers.

Is it, though? Armin Sebastian offers a nuanced POV:

 It’s unfortunate how Apple and Google approach device ownership. … Their attitude towards the concept of general computing is concerning.

We do not control our own devices, we cannot stop certain processes on them, and we do not know where our personal data is sent. [So we] have to flash ROMs from questionable sources [or] apply temporary exploits to get some kind of resemblance of control of our own devices.

Locking down a system by default, but offering a way to gain elevated privileges, while educating and properly warning users before certain actions is better than taking away everyone’s control over their own devices, and therefore restricting their freedom. … Personal freedoms have always had risks, but is it really warranted to take them away … and not offer a way to get them back?

Meanwhile, Nick Sweeting got his wish:

 I’m just thankful for a working jailbreak on the latest version with no “Please update your iOS beta version” popup. It’s like a dream come true.

And Finally:

The Death of Airpods

Hat tip: b3ta.


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: MIKI Yoshihito (cc:by)

Featured eBook
SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters

SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters

SANS threat hunting experts Mathias Fuchs and Joshua Lemon capture the different needs within organizations that are just starting their threat hunting journey, versus those who are honing their skills and programs. Read the report to help grow your program and improve threat hunting with: Definitions of threat hunting Methodologies of performing threat hunting Spending ... Read More
Authentic8

Richi Jennings

Richi is a foolish independent industry analyst, editor, writer, and fan of the Oxford comma. He’s previously written or edited for Computerworld, Petri, Microsoft, HP, Cyren, Webroot, Micro Focus, Osterman Research, Ferris Research, NetApp on Forbes and CIO.com. His work has won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 78 posts and counting.See all posts by richi