Italian developer Luca Todesco – famed for his work in the jailbreak community, and more recently for his security research and yalu jailbreak releases – has taken to his own Twitter feed to speak out about an iOS 10.3.1 kernel exploit that is soon to be released into the public domain.
Adam Donenfield of Zimperium has promised that a 0day iOS exploit will be released at an upcoming security conference, and Todesco has taken to Twitter to point out that one exploit, or even several, is not enough to create a functional jailbreak.
The story goes a little like this: Donenfield from Zimperium has publicly stated that he and his team have reported 8 kernel privilege escalation bugs that were sent across to them. It is likely that those bugs have been fixed in the latest versions of iOS, but they were exploitable in previous versions, which a lot of iOS device owners are still running. Donenfield and his team have also promised to release one of these exploits at the upcoming conference, leading many in the jailbreak community to speculate that a jailbreak for iOS 10.3.1 could be about to become available.
The team has since clarified that what will be presented and released is an exploit, not a jailbreak built on top of it. That, of course, would not stop someone else from releasing a public jailbreak for iOS 10.3.1 using that exploit together with additional ones.
Todesco has felt it necessary to comment on the situation, whether because he has been receiving questions about it or simply because it is an area of specific interest and expertise for him. His take is that one lone exploit is not enough to create a jailbreak, but it will be useful for downgrading to iOS 10.2, which would then allow users to jailbreak the iOS 10.2 firmware with the yalu102 jailbreak:
A kernel exploit alone is not enough to do a jailbreak; however for those with 10.2 blobs saved it will be possible to downgrade.
The availability of the kernel privilege escalation means that developers can achieve kernel code execution, and therefore offer the ability to downgrade to iOS 10.2 for users who saved their 10.2 blobs. What it will not provide is a fully functional jailbreak; that requires all of the other necessary components to be put in place by someone with the technical expertise to do so.
(Source: qwertyoruiop [Twitter])