Last minute geek

last minute tech news from around the net

Friday, Aug 14th

Last update11:00:00 PM

You are here: English BoingBoing ibag Checkm8: an "unstoppable" Iphone jailbreaking crack

Checkm8: an "unstoppable" Iphone jailbreaking crack

User Rating: / 0
Last month, a developer called Axi0mx released an Iphone crack called Checkm8, which attacks a defect in the Ios bootrom, a low-level piece of code that has not been successfully attacked since 2010. The bootrom is read-only, making its defects effectively unpatchable, short of removing the chip and swapping it for one with more robust code (the attack also works on version 1, 2 and 3 Apple Watches). The crack targets 11 generations of Iphones (though not the most recent ones), and it has important limitations: it has to be run every time the device reboots, and requires physical access at boot-time in order to execute. Despite this, as Dan Goodin notes at Ars Technica, "Checkm8 is going to benefit researchers, hobbyists, and hackers by providing a way not seen in almost a decade to access the lowest levels of iDevices." Axiomx and Goodin discussed the crack, and Axiomx points out that some affected devices can be seriously compromised by Checkm8: Iphones without the "secure enclave" trusted module can be attacked with Checkm8 to bypass the unlock PIN. The secure enclave is present in Iphones from the model 6 and above, but Iphone 5s and earlier models are seriously compromised by this attack. In the meantime, Axiomx holds out hope for security researchers who want to explore other Ios vulnerabilities without subjecting themselves to the strictures of Apple's security program, and for people who want to install apps from alternative app stores. axi0mX: If you have a few minutes, I have more things that you may find interesting: Apple has been making jailbreaks very difficult. Read the rest

Read all
Comment Policy:
We pre-moderate any comments and welcome all kinds of thoughts, supportive, dissenting, critical or otherwise. We delete or censor comments that are:

* abusive
* off-topic
* contain personal attacks, or against any company or organization
* promote hate of any kind
* use excessively foul language
* is blatantly spam or advertising

We do not discriminate based on the person who is posting, and we never censor comments for political or ideological reasons. We never delete an appropriate comment because we disagree with its viewpoint or ideology, and we never publish an inappropriate comment because we agree with or support its viewpoint or ideology.

Attention spammers: we manually approve all comments. Spamming and blatant advertising will NOT be published on this site and is deleted immediately, you've been warned, do not waste your time here.

Add comment

Security code