A long-standing security flaw enables jailbreaking on several models of iPhone. The vulnerability lies in read-only memory (ROM) and cannot be patched.
Checkm8 Exploits iPhone Boot ROM
Apple’s latest security flaw has existed for years; only recently have security researchers uncovered and publicized the vulnerability.
Known as “checkm8”, the exploit targets the boot ROM, the read-only code that starts the iOS boot process. Because those instructions are burned into read-only memory, Apple cannot update them, and an attacker who hijacks this immutable first stage of the boot process can use it to jailbreak the device.
The exploit was announced by Twitter user axi0mX:
“EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).”
Security Flaw Boon to iOS Jailbreak Community
The iOS Jailbreak community seeks solutions to allow iPhones and other Apple devices to access third-party app stores. By default, iPhone, iPad and iPod touch users are forced to download apps through the App Store. Jailbreaking opens the device to third-party app markets, such as Cydia, which offer advanced apps and system tweaks that Apple would never approve.
According to axi0mX, the iPhone 4 was the last device with a known bootrom exploit. This new security flaw opens up hundreds of millions of iOS devices to jailbreaking:
“The last iOS device with a public bootrom exploit until today was iPhone 4, which was released in 2010. This is possibly the biggest news in the iOS jailbreak community in years. I am releasing my exploit for free for the benefit of the iOS jailbreak and security research community.”
Checkm8 Benefits Apple
Although this security flaw was most likely a mistake, it benefits Apple in some ways. For example, its older iOS devices are now more valuable because they appeal to jailbreakers. That, in turn, could raise the price of used iPhones, making device upgrades more appealing for customers who have no desire to jailbreak.
Of course, any security flaw tarnishes Apple’s reputation. This one, like most, is very difficult to exploit: a malicious user must have physical access to the iOS device to take advantage of it.
This security flaw is more of a benefit than a defect. It gives many more iOS users the option to jailbreak their devices.