Web application security specialists keep looking for a jailbreak method to exploit potential vulnerabilities present in iOS operating systems. Recently, expert Luca Todesco released a tfp0 exploit for iOS 13 beta 2 that opens up huge possibilities for the jailbreaker community.
Although not certain about the current
development stage of this project, Todesco has published some details on the
progress in its jailbreak project.
Web application security specialists mention
that tfp0 is a kernel task port. The success of jailbreak would depend on this
implementation, as developers can write to the kernel memory of the
platforms.
After testing, Todesco may not post more
details about the tfp0 exploit. In addition, the jailbreak’s release date still
looks far away, as the iOS 13 operating system is still in development and its
builds remain unstable.
A couple of months ago the hacker
known as @iBSparkes on Twitter, posted a video showing the existence of a
zero-day vulnerability in beta 1 of Apple’s iOS 13 system. This beta version
had barely been released by Apple a day before the video was released, at the
end of the WWDC 2019 home conference; in other words, it took the hacker only
twelve hours to find the flaw.
After displaying a device running the iOS 13
beta, the hacker launched an unknown app from the second home screen, possibly
containing the proof-of-concept code for the vulnerability; immediately after
launching this app, the device crashed.
According to web application security
specialists at the International Cyber Security Institute (IICS), the iOS 13
jailbreak may be available before the release of the final firmware version in
September this year. If you want to upgrade to iOS 13 beta 2 in the hope that a
possible jailbreak will be launched, we recommend that you stay in your current
iOS 12 – 12.1.2 settings. Do not update to the latest build as Apple has
stopped signing iOS 12.3.
