
iOS 11.1.2 Jailbreak: Major Jailbreaking News To Go Public Before Christmas

Will an iOS 11.1.2 jailbreak ever emerge? Certainly the latest Apple operating system is proving a difficult nut to crack. But there has been more development on the jailbreaking front in the last few weeks, meaning that hope could be on the horizon.

[Image: iOS 11.1.2 jailbreak. Image source: Apple]

Levin jailbreak

Jonathan Levin, creator of LiberTV and noted iOS author, has recently published a new Q&A session which looks at the possibility of an iOS 11.1.2 jailbreak occurring in the near future. Levin states that a “fully working shell environment with arbitrary unsigned binaries” and “any side loading of any app you want” is set to be released publicly in time to be downloaded for Christmas.

This is certainly welcome news considering the paucity of jailbreaking coverage recently. But it isn’t the final word on the iOS 11.1.2 jailbreak. Levin notes that the new tool is unlikely to work in the same way as traditional jailbreaks.

Levin expressed mild contempt for the Cydia approach, stating that injecting Cydia Substrate requires bypassing a sandbox hook known as “mmap-executable.” This is a complex technique, and understandably Levin will not reveal publicly how it is achieved. So although the tool will ship without Cydia compatibility, it could still be added by other jailbreak developers at a later date.

So we know that an iOS 11.1.2 jailbreak is on the cards – what form will it take? In fact, Levin has provided a surprising amount of detail on the subject. From the moment of release, the tool will deliver a remounted (writable) root filesystem, a sandbox escape and root access. Levin also says that execution of arbitrary binaries will be possible, although this depends on the binaries being self-signed with jtool.

Entitlements can also be applied to those binaries, and Levin notes that this works on any supported device and firmware. The initial information on this jailbreak certainly suggests that it will be a nifty and flexible one.

Untethered solution

Levin also stated that the tool will not deliver an untethered solution. To explain briefly, an untethered jailbreak survives a reboot: the user can turn the device off and back on at will and the jailbreak remains in place, whereas a tethered or semi-untethered jailbreak has to be re-applied after every restart. Untethered jailbreaks are considered extremely difficult to achieve, given the level of security that Apple has built into iOS, and in particular its boot chain.

This hardly comes as a massive surprise, as an untethered jailbreak is becoming an increasingly challenging proposition. But there is significant support for a wide range of devices and software versions. Levin has announced that iOS 11.0.x and iOS 11.1.x will be supported on all 64-bit devices, and that this will include Apple TV 4/4K and potentially Apple Watch variants once the jailbreak has been tweaked.

Overall, this must be seen as massive news, as it represents the first really credible iOS 11.1.2 jailbreak. The toolkit provided by Levin is built on the async_wake kernel exploit previously published by Ian Beer of Google, a researcher whom Levin holds in the highest esteem.

However, jailbreaking is certainly becoming a riskier business. Levin warned that “the powers of root are not for the faint of heart or the feeble of mind,” and it is fair to say that this iOS 11.1.2 jailbreak should not be applied without due caution. There is a real risk in installing any jailbreak on a major Apple device, and considering the price of the iPhone X, it really should only be used by experts. The casual iPhone user should steer well clear.

China reports

Previous reports from China have also suggested that iOS 11.2.1 has been jailbroken, but this can very much be filed under ‘unconfirmed’. Security researchers from the Chinese company Alibaba claim to have jailbroken an iPhone X running iOS 11.2.1, and initial reports suggested that the jailbreak would be released publicly in the near future.

While the jailbreak was supposedly developed against iOS 11.2 initially, the researchers in China also claim that it applies just as easily to iOS 11.2.1. This would be pretty impressive if true, as that release of the Apple operating system only dropped in the last couple of weeks.

Alibaba is also making very strong claims about its jailbreak, suggesting that it is different from any that has ever been released previously. Big talk indeed. According to Song Yang, head of Alibaba’s Pandora Labs, the jailbreak is perfect, untethered, and provides full support for Cydia.

This is an intriguing development, but there is, of course, a massive catch. Pandora Labs will not publicly release its jailbreak, and was reluctant even to share any technical details. This makes the whole thing a bit of a tease, to say the least, and not something that will really benefit the jailbreaking community. Pandora Labs has limited itself to “security research purposes,” and will not exceed those parameters.

So the Levin iOS 11.1.2 jailbreak is undoubtedly the one of practical use for the everyday user, regardless of the claims made by Pandora Labs. If what the company says is true, then there is hope for a major public iOS 11.2 jailbreak at some point, as it at least appears to be technically possible. What is known of the Pandora effort is that it relies on a buffer overflow bug in kernel memory which, when triggered, results in a kernel panic.

Bleak future

As jailbreaking recedes in popularity and prominence, the reality is that major jailbreaks of iOS will be few and far between. The risks of installing such tools are now greater as well, with Apple having taken more steps to eradicate jailbreaking, and the iPhone, of course, costing so much money nowadays. Who wants to brick a $1,000 smartphone?

So this iOS 11.1.2 jailbreak should be applauded as an increasingly rare ray of light in a bleak jailbreaking climate.