Now that iOS 11 is the chief focus for Apple’s dev team, iOS 10 jailbreak tools have a bit of breathing space. What we mean by that is that there’s no pressure on iPhone owners to apply the latest security patch or upgrade just because there’s a new version of iOS, because the next major stable update is at least three months away. More importantly, it means that jailbreak experts have a wider window to refine their iOS 10 jailbreak tools for the public.
We now have several iOS 10 jailbreak tools in beta mode, including the Mach_Portal + Yalu jailbreak; the Yalu102, which covers most iOS devices except iPhone 7; and the extra_recipe+yaluX jailbreak for iPhone 7, which also brings substrate and iOS 10.0.x support.
Unfortunately, all of these are currently unstable, with some being more so than others. That’s where this “time out” is critical. It gives these devs some time to work on finalizing stable versions suitable for public consumption, as it were.
We’re not likely to see any new iOS 10.x.x jailbreaks in the near future. The only glimmer of hope is Adam Donenfeld’s exploit for iOS 10.3.1, but he’s not publishing the source code for that until the end of August, at the earliest. That means a few more weeks before another jailbreaker picks that up and compiles an iOS 10.3.1 jailbreak based on the vulnerability and corresponding exploit.
For now, our money is on Todesco, since Pangu is busy with co-organizing MOSEC 2017. Incidentally, Todesco is one of the keynote speakers at the conference being held this month on the 23rd at the Grand Kempinski hotel in Shanghai, China.
We’re hoping that some new collaborations will be made at MOSEC 2017. Todesco himself will be covering the subject of modern iOS exploit mitigation techniques, and it’s very likely that Team Pangu will showcase its iOS 10.3.1 jailbreak for iPhone 7.
“Attack techniques and weaknesses for these mitigations will also be explained, with a look at the Yalu jailbreaks in particular.” – MOSEC 2017 Home Page
We don’t know what exactly is going on with Pangu, but it seems they’re in a quandary about their stand on iOS jailbreaks for the public. They’re positioning themselves as a mature security ‘company’ rather than the hacking team they’re known to be, so we really have no way of telling which way they’ll eventually swing.
If the rumors are true and Pangu has, in fact, got a contract in place with Apple, that’s bad news for the jailbreak community. But even if that were true, Pangu not being in the game anymore is not the end of the world.
What would be perfect is if expert jailbreakers would come together and collaborate on a new project for iOS 10 that uses some of the yet-unknown KPP bypasses that some of the attendees as well as organizers are bound to be hiding up their sleeves. There’s a string of security conferences between now and August, and MOSEC 2017 as well as several others like DEF CON 25 will be perfect venues for such collaborations.
The important thing to note is that jailbreak activity is going to start increasing rather than decreasing, and for now it’s going to be heavily focused on cracking the iOS 10 jailbreak code. The more screws Apple puts on the jailbreak community, the more resilient it becomes. Hopefully, more productive as well, from a jailbreak fan’s point of view.