We’ve known for a while now that Team Pangu has been teasing a public release for its iOS 10.3.1 jailbreak tool, but if they do have one, why haven’t they released it yet? More to the point, why are they waiting for Apple to release iOS 10.3.2 before releasing their iOS 10.3.1 jailbreak – dubbed Janus – as they have claimed?

There are a couple of angles to consider if we want a plausible explanation for the delay in Pangu releasing this particular JB tool.

First of all is the install base for iOS 10.3.1

Considering the seriousness of the WiFi vulnerability on iOS 10.3, it is reasonable to assume that a large percentage of devices that upgraded to iOS 10.3 have already migrated to iOS 10.3.1.

This is what Apple noted at the release:

Wi-Fi
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
CVE-2017-6975: Gal Beniamini of Google Project Zero

That being the case, a majority of iOS 10.3 devices have already moved up to iOS 10.3.1. Moreover, since this vulnerability was found to affect Broadcom chipsets, and all iPhones after iPhone 4, that’s a huge user base likely to be on iOS 10.3.1 already. And with Apple reporting a record holiday quarter for iPhone sales, that’s tens of millions of brand new devices added to the mix.

However, there have also been several reports of users not being able to upgrade to iOS 10.3.1, per Apple’s support forum. If this is widespread enough, it may have dissuaded a lot of users from upgrading at all, which means they’re still on iOS 10.3 or earlier versions.

Despite that being the case, there is likely to be a large chunk of iOS devices that are on the most current version.

If that’s true, then there’s no reason for Pangu not to release the jailbreak tool right now, instead of waiting for Apple to release iOS 10.3.2.

That’s one angle.

The other angle is iOS 10.3.2 itself

If Pangu is waiting so that it can capture the iOS 10.3.2 user base in addition to iOS 10.3.1, that might a little more sense. In fact, iOS 10.3.2 might well be the last iteration of iOS 10.x before Apple starts to roll out the betas for iOS 11 ahead of launching its flagship iPhone 8 later this year.

So there are two things to consider here.

The first is: why is Pangu not releasing the iOS 10.3.1 jailbreak tool despite there being a presumably large user base current on that version.

Secondly, if they’re waiting for Apple to miss patching the vulnerability on iOS 10.3.2, will Pangu then release the jailbreak whether or not Apple has managed to patch it?

One argument we’re missing here is that even if Apple does find the flaw on its own and patches it in iOS 10.3.2, the iOS 10.3.1 jailbreak that Pangu claims it has will still work for those who don’t upgrade. If Apple doesn’t find and fix the flaw, then Pangu simply captures a larger marketshare for its jailbreak tool.

That last argument might not hold much water, admittedly, because the users currently on iOS 10.3.1 are likely to be the same ones to migrate to iOS 10.3.2 as well, since there aren’t any device restrictions likely to be enforced by Apple. In fact, iOS 10.3.1 was such a big deal, security-wise, that Apple opened up even more devices to the update even though they weren’t on the original eligibility list for iOS 10.3.

That really throws a spanner in the works now, making it very hard to believe that Pangu does, in fact, have a working iOS 10.3.1 jailbreak. The way we see it, there’s really no point sitting on a working jailbreak, waiting for the next release. And if Pangu does not have a JB tool for iOS 10.3.1, there’s no reason for them to tease users with that possibility. It can only hurt the reputation they’ve built thus far in the larger jailbreak community, even though a lot of jailbreak experts aren’t too fond of them.

The big question that comes out of that train of thought is this: Why wait to capture what will essentially be the same base of users moving to the next iOS version?

Somehow, it doesn’t make sense. But we could be wrong. Any real validation will happen after Apple releases iOS 10.3.2, and not before. The rumor mill suggests that this will either be on May 15 or May 22. When that happens, all eyes will be on Pangu and their jailbreak for iOS 10.3.1.

Thanks for visiting! Would you do us a favor? If you think it’s worth a few seconds, please like our Facebook page and follow us on TwitterIt would mean a lot to us. Thank you.

Share...Share on FacebookTweet about this on TwitterShare on LinkedInShare on RedditShare on StumbleUponShare on TumblrPrint this pageEmail this to someone

6 COMMENTS

  1. I think it is funny that they release this information, and say they won’t go public, and then the 8000 Lb gorilla stopped dead in their tracks with updates. AAPL was release updates like Microsoft…every 6 seconds. Pangu makes noise, and it is crickets over at 1 Apple Way.

  2. Because the vulnerabilities may not be patched in the new update and people who, perhaps, upgrade to the latest firmware (10.3.2) May still be able to jailbreak if the jailbreak is compatible with newest version.

    • You just read the title, right?

      They’re discussing this argument in the article below the big letters on top …

  3. Right now it seems more likely that Pangu are heavily involved in Apple’s bug bounty program, making a lot more being rewarded for that than releasing actual jailbreaks to the community for free. By announcing a 10.3.1 jailbreak, then “delaying” release, they get a large amount of jailbroken device owners to update to 10.3.1, giving up their current jailbreaks in the hope that they can do it again. In the meantime, Apple are working to patch 10.3.2. If Pangu don’t release a jailbreak at all, then they are most likely acting as agents for Apple now. They’ve had plenty of time to drop the 10.3.1 jailbreak but haven’t. Once Apple release 10.3.2, they will stop signing 10.3.1.

    So any currently jailbroken devices are being updated to 10.3.1 (small group) and *might* get a new jailbreak, but not before Apple release the patched 10.3.2…
    Once 10.3.2 is released, any jailbreakers that didn’t update will then be tempted to anyway due to the amount of apps that will stop working with older iOS versions, and miss out anyway.
    Pangu supposedly have already jailbroken 10.3.1.
    Given these facts, it looks like Pangu are working with Apple to drastically shrink the size of the jailbreak community, hurting jailbreak devs in the process and making the whole charade difficult for everyone involved.

    Time to switch to Android.

  4. I’m not programmer or jailbreak developer but if I had to guess why they aren’t releasing the 10.3.1 jailbreak until after 10.3.2 comes out it’s because they don’t want Apple to see the exploit and patch it in future releases of iOS. By not releasing it before the release of 10.3.2 they will have a better chance of getting a working jailbreak on 10.3.2 because the exploitable code will still exist. Just a guess but this makes the most sense to me anyway.

  5. This is something I have pointed out for ages but jailbreak fans are still being delusional.

    Why didn’t they do anything for the previous iOS 10 firmwares which are much easier to deal with?
    Assuming that iOS 10.3.2 is released, will Pangu really release 10.3.1 jailbreak tool to the public or will they focus on jailbreaking 10.3.2 next and hold back 10.3.1 jailbreak tool?

    And once Apple patches and not sign 10.3.2 and focuses on 10.3.3 or iOS 11, will Pangu stop working on 10.3.2 and instead work on 10.3.3 or iOS 11 and continue holding back 10.3.1 jailbreak tool or release it?

    I seriously cannot understand and will never until I get concrete reasoning.
    Pangu needs to speak up and tell the TRUTH.

LEAVE A REPLY

Please enter your comment!
Please enter your name here