News tagged ‘exploit’
There have been some rumors connected with iMessage recently. Numerous users and software experts claimed that the service is insecure and Apple, if forced, can easily get access to the instant messages sent by the army of the iPhone, iPad and Mac users. Latest research proved those skeptics were wrong.
Here’s what he writes (via
This is bad for security and privacy, because it allows advanced spam techniques, tracking of user actions, hijacking the user by just opening an email, and, using an exploitation framework, potentially much worse things. The app also loads external images without offering an option to disable this behavior.
Mailbox developers have reacted very fast - they promise this security breach will be patched within few hours.
Famous hacker Planetbeing, member of Evad3rs team, posted an update regarding team's iOS 7 jailbreak progress. They've achieved one important step - unsigned userland code execution. Basically this means that they've got behind Apple's walls of security and now can poke at the kernel. Bugs found in the kernel could be used to create a jailbreak for the new operating system.
Achieved unsigned userland code execution with some of our stuff in reserve. Now we have a good platform for poking the kernel.
Great news. Evad3rs actually started iOS 7 jailbreak works.
The evad3rs, a group of hackers who released the untethered jailbreak for iOS 6, have announced that they are now actively investigating iOS 7 to identify which of their exploits still work.
Earlier this year - in June - a new iOS flaw was discovered that theoretically made it possible to hack your device with the help of a malicious USB charger. A group of developers, who were the first to find this breach, has successfully installed malware on a non-jailbroken iPad and iPhone to prove their theory.
According to the latest New York Times report, an unknown zero-day iOS exploit was recently sold for $500.000. Well, we all knew that big companies like Apple pay hackers good money when they discover vulnerabilities in the operating system. But half a million... I think that’s too much.
Those who want to save their privacy should buy Android, not Apple devices. A kind of bold statement, isn’t it? According to the latest BitDefender report, iOS platform is more dangerous in terms of personal data protection, than the Google’s mobile operating system.
There is no A5+ bootrom exploit, by anyone. Not even a bootrom dump. Nothing.
The bootrom exploit can devices permanently vulnerable to a tethered jailbreak regardless of iOS version. The last bootrom exploit was limera1n found by Geohot which supported A4 devices like iPhone 4 and below.
Earlier today Petrich
System Version Too New
Activator has not been tested to work with this version of iOS. Some features may not work as designed.
Notably, this alert does not seem to be a UIAlert that could be generated from within a sandboxed application, suggesting that device may be jailbroken.
Last night he tweeted:
I got a lot of amazing things coming to you all soon. think bigger than jailbreak
In March, p0sixninja revealed that he had found the exploits necessary to release a new jailbreak; however, as expected, he decided to hold those back for iOS 7 or iOS 7.1.
Recently the hacker tweeted that the 'the next jailbreak might be created entirely by me' saying that he had discovered several exploits needed for the new jailbreak.
In an interview to iDesignTimes p0sixninja commented that he will definitely not release jailbreak for iOS 6.x.
P0sixninja says that he has found the exploits necessary to release a new jailbreak. He does not mention it, but it looks like this jailbreak will be for the latest iOS 6.1.3. In the past the hacker contributed to various jailbreak releases in the past including: GreenPois0n, Cdev Reporter, Absinthe, etc.
Well, so far it looks like the next jailbreak might be created entirely by me.
It looks like the vulnerabilities used for the evasi0n untethered jailbreak will be fixed in an upcoming iOS 6.1.3 update. PlanetBeing, one of the founding members of the evad3rs team that reports that Apple has patched at least one of the five exploits that evasi0n uses to accomplish the jailbreak.
"If one of the vulnerabilities doesn’t work, evasi0n doesn’t work," he says. "We could replace that part with a different vulnerability, but [Apple] will probably fix most if not all of the bugs we’ve used when 6.1.3 comes out."
Our advice? Just enjoy the jailbreak, back up your SHSH blobs in case a downgrade solution becomes available. And obviously if you like your jailbreak, stay away from iOS 6.1.3 once it is released.
In January, a number of Apple employees’ Mac devices have been hacked after visiting a popular iPhoneDevSDK forum. The employees from Facebook and, probably, dozens of other companies have also been attacked by the hacker. The site's owner, Ian Sefferman, has provided some limited details about what happened in his blog.