05/26 Updates below. This post was originally published on May 24
Apple having a bad week. And now it’s getting worse.
Following a new eye-opening report that Apple’s claim “ignores and violates the basic rights” of iPhone and iPad users through Siri’s secret recordings, the company has now been hit with a new one hack zero days which has an impact on every iPhone released since 2013. That’s almost all 900 million active Apple iPhones confirmed was used last year.
05/25 Update: Apple has made the first iOS 13 fix via a remote server switch (meaning you don’t need a new version of iOS). Unfortunately, this does not discuss zero-day hacking, but patching a defects introduced in iOS 13.5 which damaged major applications including WhatsApp, Facebook and YouTube. The consequence of this is that iPhone users will find dozens of application updates pushed to their phones at once, which might prove confusing. The reason Apple did this was to reinstall this application to fix the problem. Now with Apple clearly in this case, the countdown starts for zero-day repairs.
02/26 Update: Learn more about hacking Un0ver, the security contact has told me that currently requires physical access to your iPhone to operate. This gives full device access (microphone, text, images, camera, etc.) but will require an additional RCE (Remote Code Execution) to hack it remotely. This is what hackers are doing when Apple scrambles to release a fix. It is very unlikely that unc0ver will assist this process, however, this is only a specialized jailbreak specialist. If you choose to jailbreak your iPhone using unc0ver hacks, you should be vigilant about installing the application because this app store doesn’t have Apple’s level of quality and strict security controls.
Buried in an ambitious new jailbreak by unc0ver, the vulnerability is extraordinary in its scope, allowing jailbreak to sandbox itself behind iOS / iPadOS security and hides all traces of its access to the platform’s core code. And while unc0ver has good intentions and a large jailbreaking community celebrating these achievements, the vulnerability affects all versions of iPadOS and iOS 11, 12, 13 (including new ones iOS 13.5 which is pandemic focused). This means the iPhone 5S, iPad Mini 2 and all devices because it is a potential target for hackers with less charitable intentions.
In addition, we will not expect improvement in the near future. Pwn20wnd, the mastermind behind hacking, believes it will take “a minimum of two to three weeks” for Apple to patch it and notify Wired that iOS 14 could be prone to the same mistakes if Apple failed to resolve them before launching in September. Meanwhile, Unc0ver confirmed that the interest in hacks was very good damage the site.
And this is all part of a broader picture of iOS alerts. Last month the iOS Mail vulnerability was discovered by ZecOps affecting every iPhone that has ever been made. While Zerodium Zero-day buyers have stated that they are not interested in buying new zero-day exploits for 2-3 months due overwhelmed by shipping. Following up on this, Zerodium CEO Chaouki Bekrar said it more clearly, tweeting: “IOS security is f *****.”
For Apple, which is heavily trading in privacy and security, this is a big problem. For millions of iPhone owners around the world, who pay dearly for devices that are expected to fulfill this ideal, that’s even more worrying.
I have contacted Apple about a jailbreak that does not exist and will update this story when I get a response.
Follow Gordon Facebook
to request modification Contact us at Here or [email protected]