The first iOS 9 jailbreak has been uncovered by
Team Pangu, a group of Chinese hackers famous
for relinquishing iPhones from Apple
control. It works across iOS 9.0 –
9.0.2 and the download is now ready on Pangu’s
homepage here. Reports thus far indicate the
untethered jailbreak is stable and working on
the latest iPhone, the 6S.
This time round, Redditors have put together a
little Wiki page to help anyone wanting to open
up their iPhone. The page should be getting
updates as there’s more awareness of Pangu’s
exploits. Users are advised to backup all their
important files to the Apple iCloud first before
starting the jailbreak process. They should also
disable the Find My Phone, Passcode and Touch
ID in settings and switch on Airplane mode.
From there, it’s a case of connecting the iPhone
to a Windows PC (or a virtual machine running
Windows) and following the simple steps, as
outlined in a tutorial from the iDownloadBlog
below.
Team Pangu, if it’d developed its exploits
further, could have made as much as $1 million
if it’d submitted its findings to Zerodium, an
exploit dealer that had offered that amount to
anyone who found and submitted an iOS 9
jailbreak . But as security expert Francisco
Alonso told me over Twitter , Pangu would likely
not have met Zerodium’s requirements, which
asked for exploits to be fully remote. The iOS 9
jailbreak requires the phone to be connected to
a PC via USB.
There’s also no obvious sponsor for the
jailbreak. In recent years, Chinese firms have
sponsored jailbreak downloads, as they try to
bundle their bespoke app stores onto unlocked
devices. Previously, Pangu had thanked its
sponsors, including PP Assistant, a store owned
by Alibaba , but this time there was no
acknowledgement and no indication of a third-
party store other than the open source Cydia –
the standard market for jailbroken iPhones. As
much as $1 million is also said to be on offer
from those app store providers.
There may be some legal ramifications from the
Pangu jailbreak, however, according to iOS
security expert Stefan Esser. That’s because of
the Wassenaar Agreement , which covers exports
of digital exploits as “dual-use” items coming
from partner countries. Esser believes that
because two of the contributors – Steven De
Franco (ih8sn0w) and Luca Todesco
(@qwertyoruiop) – were from Canada and Italy,
their work may have required a licence.
“I have no idea what their contributions are but
it sounds like they might have supplied ideas,
help or technology to build intrusion software to
Chinese Pangu Team,” Esser told FORBES.
“Considering that both countries have added
intrusion software to their dual use export list I
wonder if this announcement by Pangu will
start investigations.”
Keep in mind, however, Esser has consistently
taken umbrage with the jailbreak community,
having previously irked Team Pangu by
claiming they stole some of his exploit code for
an iOS 8 jailbreak. Pangu subsequently
suggested Esser was being bigoted, something he
denied.
Team Pangu, De Franco and Todesco had all
been contacted but had not responded to a
request for comment at the time of publication.
It’s unclear what iOS vulnerabilities were used
to unlock the device.
Team Pangu, a group of Chinese hackers famous
for relinquishing iPhones from Apple
control. It works across iOS 9.0 –
9.0.2 and the download is now ready on Pangu’s
homepage here. Reports thus far indicate the
untethered jailbreak is stable and working on
the latest iPhone, the 6S.
This time round, Redditors have put together a
little Wiki page to help anyone wanting to open
up their iPhone. The page should be getting
updates as there’s more awareness of Pangu’s
exploits. Users are advised to backup all their
important files to the Apple iCloud first before
starting the jailbreak process. They should also
disable the Find My Phone, Passcode and Touch
ID in settings and switch on Airplane mode.
From there, it’s a case of connecting the iPhone
to a Windows PC (or a virtual machine running
Windows) and following the simple steps, as
outlined in a tutorial from the iDownloadBlog
below.
Team Pangu, if it’d developed its exploits
further, could have made as much as $1 million
if it’d submitted its findings to Zerodium, an
exploit dealer that had offered that amount to
anyone who found and submitted an iOS 9
jailbreak . But as security expert Francisco
Alonso told me over Twitter , Pangu would likely
not have met Zerodium’s requirements, which
asked for exploits to be fully remote. The iOS 9
jailbreak requires the phone to be connected to
a PC via USB.
There’s also no obvious sponsor for the
jailbreak. In recent years, Chinese firms have
sponsored jailbreak downloads, as they try to
bundle their bespoke app stores onto unlocked
devices. Previously, Pangu had thanked its
sponsors, including PP Assistant, a store owned
by Alibaba , but this time there was no
acknowledgement and no indication of a third-
party store other than the open source Cydia –
the standard market for jailbroken iPhones. As
much as $1 million is also said to be on offer
from those app store providers.
There may be some legal ramifications from the
Pangu jailbreak, however, according to iOS
security expert Stefan Esser. That’s because of
the Wassenaar Agreement , which covers exports
of digital exploits as “dual-use” items coming
from partner countries. Esser believes that
because two of the contributors – Steven De
Franco (ih8sn0w) and Luca Todesco
(@qwertyoruiop) – were from Canada and Italy,
their work may have required a licence.
“I have no idea what their contributions are but
it sounds like they might have supplied ideas,
help or technology to build intrusion software to
Chinese Pangu Team,” Esser told FORBES.
“Considering that both countries have added
intrusion software to their dual use export list I
wonder if this announcement by Pangu will
start investigations.”
Keep in mind, however, Esser has consistently
taken umbrage with the jailbreak community,
having previously irked Team Pangu by
claiming they stole some of his exploit code for
an iOS 8 jailbreak. Pangu subsequently
suggested Esser was being bigoted, something he
denied.
Team Pangu, De Franco and Todesco had all
been contacted but had not responded to a
request for comment at the time of publication.
It’s unclear what iOS vulnerabilities were used
to unlock the device.
No comments:
Post a Comment