An iOS 9.2 and 9.3 beta 1 jailbreak have both been teased by iOS security researcher, Luca Todesco, but for the general public, so far we’ve only seen jailbreaks for up to iOS 9.0.2. So what gives? Is another jailbreak bound to drop before iOS 10 or are we pretty much done for this cycle?
As usual, I’ve done a little snooping around to see what I can find regarding an upcoming jailbreak for iOS 9.2 or 9.3. Talking with Todesco, I was given a little bit of insight and so I am sharing it with you.
Want a New iOS 9 Jailbreak? Stop Updating!
First of all, anyone who values jailbreaks should basically avoid updating their device. This has been the rule of thumb since the beginning of jailbreak time. There’s a couple reason is that sometimes a bug exists in an older firmware that is unjailbroken that has been patched in newer firmware and jailbreak developers often have to make decisions about when to release that jailbreak. For example, say a jailbreak developer have figured out a way to create a jailbreak for iOS 9.1, but 9.2 is expected to release in the next week or so. The developer will often wait to drop the jailbreak to see if the newer firmware patches it. If the jailbreak is still possible on the newer firmware, it’s a better idea to wait till that firmware releases so the jailbreak reaches a larger population of users.
Will We See An iOS 9.2 Or 9.3 Jailbreak Release?
Ok, so basically you should be very pessimistic about the possibility of an iOS 9.2 or 9.3 jailbreak releasing. Talking to Todesco, iOS 9.2 and 9.3 are extremely difficult jailbreaks to pull off and won’t likely make their way to the public. I'm not saying it's impossible because we've seen crazy stuff happen in the past, but the likelihood is small. An iOS 9.1 release, however, is much more probable.
psa: 9.2 is much harder to jailbreak than 9.1, so if you are on 9.1, don't update.
— Luca Todesco (@qwertyoruiop) January 8, 2016rule of thumb: if you want your devices to be exploitable, don't update them. patched bugs are better for jb vs dropping 0day all the time
— Luca Todesco (@qwertyoruiop) January 8, 2016According to Todesco, "iOS 9.1 is pretty easy to jailbreak -- you just have to take Pangu 9 and replace a certain bug."
Since jailbreaks require a long chain of exploits, only needing to replace one of them definitely makes the job easier.
Ok, so if iOS 9.2 and 9.3 are so difficult to jailbreak how has Luca managed to do it, and why isn’t he releasing it? Is he faking? First off, he is not a faker. Todesco has reported numerous bugs to Apple and is regularly cited on its security briefs. He also played an integral role in the release of the most recent jailbreak. The iOS 9.2 and 9.3 jailbreaks he’s shown are real. Will either of them release as is? No.
WHY????
The answer comes down to responsibility. Todesco is first and foremost a security researcher. His interest is in finding bugs and helping the companies he reports bugs to (namely Apple) make their systems more secure for users.
Creating jailbreaks involves finding and piecing together bugs or problems in Apple’s system so you can break the rules that the company has put in place for the device. That’s fun of course, but it does make your device less secure.
Jailbreak developers have traditionally created jailbreaks that require physical access to the device and user interaction. But what if you have a bug that allows remote access to a device? Or what if the bugs are easily exploitable by bad guys?
If jailbreak developers don’t think carefully about the bugs they are releasing in their jailbreaks, then they may potentially put their users at extreme risk for getting hacked remotely or other nasty things.
At this point, Todesco has decided his research is not fit for public consumption.
"It's about the fact that the bugs themselves can be dangerous and there are some exploits that are 'jailbreak-grade' and others that are not," said Todesco.
Though some people in the jailbreak community feel frustrated when they see jailbreaks teased that they’ll never get their hands on, at the end of the day, the bugs found belong to the researcher. If the researcher determines that releasing the bugs he or she is holding wouldn’t be good because bad guys could use them in really bad ways, then we just have to accept that.
