iOS 7.1.2 Jailbroken by Researchers

— August 02, 2014

Security researchers at the Georgia Tech Information Security Center (GTISC) have discovered a way to jailbreak current generation Apple iOS devices (e.g., iPhones and iPads) running the latest iOS software, according to ScienceDaily.

The jailbreak, which enables circumvention of Apple's closed platform, was discovered by analyzing previously patched vulnerabilities with incomplete fixes.

It shows that quick workarounds mitigating only a subset of a multi-step attack leave these devices vulnerable to exploitation. Patching all vulnerabilities for a modern, complex software system (i.e., Windows and iOS) is often difficult due to the volume of bugs and response-time requirements.

"Our work shows that software vendors must patch all publicly disclosed threats, as they may be exploited in other, equally disruptive attacks," said Yeongjin Jang, one of the Ph.D. students who led this study.

During Black Hat USA, the GTISC research team will disclose the process for jailbreaking the current version of iOS (7.1.2) on any iOS device, including the iPhone 5s.

"We start by finding new ways to exploit vulnerabilities with incomplete patches," said Tielei Wang, a GTISC faculty member who worked closely with Jang as lead of the project. "Then, we use those vulnerabilities to discover new avenues of attack. We'll detail these vulnerabilities and the exploit techniques that we developed."

A Georgia Tech team that includes Ph.D. students Yeongjin Jang and Byoungyoung Lee, and research scientists Tielei Wang and Billy Lau discovered the jailbreak.

POST A COMMENT

comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

12345
Current rating: 0 (0 ratings)

MOST READ STORIES

topics

Must See


FEATURED REPORT

Mobile Risk: Security Is Not a Game

IDC predicts 2 billion mobile devices will be shipped by 2017, while Gartner expects a 26 billion Internet of Things installed base (excluding smartphones and tablets) by 2020. With more devices, more machines, more connectivity comes more risk.