Search the Community

Legendary iOS hacker MuscleNerd tweeted today that there’s no bootrom exploit out there for A5+ processors, this could mean that iOS 7 jailbreak might end up taking quite some time. iOS 7 jailbreak MuscleNerd rules out possibility of a bootrom exploit, iOS 7 jailbreak might take time An exploit is required to jailbreak an iOS device. There are two kinds of exploits, a bootrom exploit and a software level exploit. The latter can easily be patched by Apple through a firmware update, so even if such an exploit is found, the jailbreak is usually limited to one firmware. Bootrom exploits are hardware based and can’t be patched in devices that have already been shipped to customers. This exploit allows at least a tethered jailbreak on any particular firmware. Unfortunately, no bootrom exploit has been found in any iOS device processor after the A4, which powers iPhone 4, iPod touch 4G etc. There were rumors going around recently that there was a bootrom exploit for A5 and high processors out there, but MuscleNerd has flat out rejected these rumors, saying there’s no even a bootrom dump. There has been talk of an iOS 7 jailbreak, notable developer Ryan Petrich posted an image recently what supposedly was an iPod touch 5G jailbroken on iOS 7. If such a breakthrough has been made, its likely that a software based exploit has been found in iOS 7. The fact that there’s no bootrom exploit means that iOS 7 jailbreak will take time. Dealing with software level exploits is cumbersome, and a lot of work has to be done before the jailbreak is ready for the public.

Apple has been fighting a war of attrition against the jailbreaking community since the original iPhone was jailbroken in 2007. The jailbreakers expend resources and time to find a new exploit, but then Apple pushes out a small update to block it. This was a cycle for years, but the flow of reliable jailbreaks has been slowing. There was a jailbreak for iOS 6 the day it launched, but iOS 7 is much more locked down. We’ve been hearing for weeks that a jailbreak is on the way, with iOS developers hard at work, but have yet to see any significant movement. How much longer will it be until there is a reliable iPhone 5S jailbreak? By gaining root access to iOS, modders are able to give the user privileges to bypass Apple’s security measures and install unapproved software or tweak deep system settings. This usually requires finding a bug or vulnerability in iOS or the boot ROM. Hardware-related vulnerabilities in the Apple A-series chips are also possible, but less common, especially after the iPhone 5 and its A6 chip. Today, without an exploit, an iOS 7 jailbreak simply can’t happen. Not all hacks are created equal, though. Many of the bugs that make jailbreaks possible only lead to tethered jailbreaks. That basically means you need to plug the iPhone, iPad, or iPod touch into a computer running the jailbreak software every time it boots. If you’re not around a computer with the necessary software, the phone is a brick. Most users aren’t willing to deal with this, preferring to wait on the untethered jailbreak. The untethered version is a persistent jailbreak that works without the aid of a computer to make the phone or tablet boot up. These unfortunately are much harder to develop — the days of going to an website and getting your iDevice jailbroken with a tap seem to be long gone. There used to be plenty of iOS jailbreak suites, many of them with caches of new exploits ready to go when Apple patched one. However, it seems like most of the low-hanging fruit is gone now. Tethered jailbreaks have become far more common, and Apple has been continuing to harden the system against even minor exploits. There isn’t yet a jailbreak for iOS 6.1.4, the version prior to iOS 7. Noted iOS hacker Winocm says he has a jailbreak for this version of the platform in the works and will release it before the end of the year. So when can we expect a jailbreak for iOS 7? Members of evad3rs, the team behind evasi0n (a popular jailbreak tool) previously said an exploit is in the works. More recently, evad3rs modder Planetbeing claimed to have all the pieces in place for an iOS 7 jailbreak. In fact, evad3rs members have successfully run unsigned code on iOS 7. This probably means the necessary exploits have been identified, but the team is still working out the specifics and building a tool for the general public to use. Apple will, of course, patch the holes in one of the upcoming bug fix releases of iOS 7, so Evad3rs may end up waiting for iOS 7.1 to blow the jailbreak exploits. That would give users more time to enjoy the freedom before Apple locks them out again. Every piece of software has vulnerabilities, but they have to be found and exploited first. The jailbreakers aren’t the only ones looking, either. Apple hunts for the same things on its end because these exploits are security concerns. You can’t blame Apple for patching jailbreak exploits — it’s making iOS more secure for the vast majority of users who don’t jailbreak. When and if a jailbreak is developed for iOS 7, it might not be a good solution. Maybe Apple is close to winning this war.