
Jay Freeman


Pangu jailbreak for iOS 8.0-8.1 now “stable enough” for use, says Cydia creator


[tweet https://twitter.com/saurik/status/530454505994076161]

Cydia creator Jay Freeman (better known as Saurik) has tweeted that the Pangu jailbreak for iOS 8.0 to 8.1 is now “stable enough” for use.

We first saw a developer version of the jailbreak last month, with a user version released a week later, complete with Cydia installer. The installer is Windows-only, but it’s an untethered jailbreak, so once it’s done you won’t need to reconnect to a PC following a reboot … 

iOS 7 jailbreak installs pirate App Store if your device language is Chinese (updates)


Screenshot by @saurik (https://twitter.com/saurik/status/414810297937838080).

(Updates below)

This morning, the evad3rs released the first public iOS 7 jailbreak. At the time, it seemed like something was off because other key members of the community had not been informed of the upcoming release. For instance, Jay Freeman (@Saurik on Twitter) had not been notified and as such the version of Cydia bundled was not official or up-to-date.

It turns out, however, that more questionable activity has taken place. The evasion jailbreak includes a Chinese ‘alternative’ app store, which is full of cracked versions of real apps and games found in Apple’s App Store.



evasi0n jailbreaks record 7M iOS devices in four days

We previously told you that around 1.7 million people had used the new evasi0n tool to jailbreak their iOS device, according to stats from Cydia installs. Today, we get a little update on the progress: Jay Freeman told Forbes that Cydia recorded over 7 million devices, as of last night, and “insanely more new traffic” than the release of iOS 5’s Absinthe jailbreak tool and others before it.

As of Thursday night, Freeman’s alternative app store had received visits from 5.15 million iPhones, 1.35 million iPads, and 400,000 iPod touches that were jailbroken with evasi0n, the first jailbreaking software for the iPhone 5 and iOS 6.1.

Freeman says that evasi0n has brought Cydia “insanely more new traffic” than the release of the jailbreak tool called Absinthe that worked on some versions of iOS 5. And even Jailbreakme3, the popular web-based jailbreak released by iPhone hacker Comex in the summer of 2011, was only used on 1.4 million devices in its first nine days online.


evasi0n Jailbreakers reveal the incredibly complicated methods they used to Jailbreak every Apple iOS device

Forbes posted an article on Tuesday that gave some updates on the highly successful launch of the evasi0n jailbreak tool straight from its creators. The jailbreak was officially released yesterday at noon, and according to stats from Cydia’s Jay Freeman, around 1.7 million people have decided to jailbreak their iOS device. Perhaps more interesting is a description of how exactly the four members of the evad3rs team were able to get the job done. Team member David Wang, aka @planetbeing, walked through the process with Forbes:

Evasi0n alters the socket that allows programs to communicate with a program called Launch Daemon, abbreviated launchd, a master process that loads first whenever an iOS device boots up and can launch applications that require “root” privileges, a step beyond the control of the OS than users are granted by default. That means that whenever an iPhone or iPad’s mobile backup runs, it automatically grants all programs access to the time zone file and, thanks to the symbolic link trick, access to launchd.

Wang described the entire process from finding the initial exploit in the iOS mobile backup system to accessing Launch Daemon and getting around code signing and restrictions at the kernel layer:

Once it’s beaten ASLR, the jailbreak uses one final bug in iOS’s USB interface that passes an address in the kernel’s memory to a program and “naively expects the user to pass it back unmolested,” according to Wang. That allows evasi0n to write to any part of the kernel it wants. The first place it writes is to the part of the kernel that restricts changes to its code–the hacker equivalent of wishing for more wishes. “Once you get into the kernel, no security matters any more,” says Wang. “Then we win.”

Go to Forbes to read Wang’s entire step-by-step description of the jailbreak process for evasi0n.

Here’s another third-party analysis. The verdict is the same: incredible work.
