@chronic

For nearly half a decade, teams of hackers and programmers have worked tirelessly to crack Apple’s iOS software code in order to inject new features, themes, and applications. Now, a team led by noted former jailbreak developers Will Strafach, otherwise known as “Chronic”, and Joshua Hill, known as P0sixninja, is working to secure Apple’s mobile platform. The duo, along with a list of unnamed former jailbreak developers, has been working on a new comprehensive platform to secure iOS devices for both enterprises and consumers. Strafach provided us with a preview of the platform known as “Apollo,” the first security product from his new company Sudo Security Group.

Expand
Expanding
Close

Late last month, we reported Swedish security firm Micro Systemation claimed its “XRY” application was capable of cracking an iOS device’s passcode, logging keystrokes, and accessing data like GPS, call logs, contacts, and messages. The video showing the app in action is now removed, but the firm’s claims are coming under scrutiny by at least one fellow hacker. Will Strafach, better known in the jailbreaking community as “@chronic,” just posted his summary of what is really happening with the software to clarify the issue.

While explaining XRY does not use exploits similar to jailbreak programs, as claimed by many covering the story, Strafach clarified the tool is “simply loading a custom ramdisk by utilizing the publicly available ‘limera1n’ exploit by George Hotz. The ramdisk is not even very special, because anyone could put together their own using open source tools.” He continued by explaining the “two-minute” claim of Micro Systemation is only true if a passcode is “0000.” The time increases when a more complex passcode is set.

Chronic also noted XRY cannot be used on iPhone 4S, iPad 2, and third-gen iPads, something most publications are not reporting. Here is his explanation:

Expand
Expanding
Close