19-Year-Old Jailbreaks iPhone 7 In 24 Hours

An anonymous reader writes: 19-year-old hacker qwertyoruiop, aka Luca Todesco, jailbroke the new iPhone 7 just 24 hours after he got it, in what's the first known iPhone 7 jailbreak. Todesco tweeted a screenshot of a terminal where he has "root," alongside the message: "This is a jailbroken iPhone 7." He even has video proof of the jailbreak. Motherboard reports: "He also said that he could definitely submit the vulnerabilities he found to Apple, since they fall under the newly launched bug bounty, but he hasn't decided whether to do that yet. The hacker told me that he needs to polish the exploits a bit more to make the jailbreak 'smoother,' and that he is also planning to make this jailbreak work through the Safari browser just like the famous 'jailbreakme.com,' which allowed anyone to jailbreak their iPhone 4 just by clicking on a link." Apple responded to the news by saying, "Apple strongly cautions against installing any software that hacks iOS."

Let's get physical

[madwheel]

If only we could physically hack in a damn Micro SD slot.

Re:Let's get physical

[Pascoea]

An a headphone jack?

Re:Let's get physical

You can have both a micro SD card and a headphone jack. Just not on the iPhone.

Re:Let's get physical

[fluffernutter]

..for the time being.

Re: Let's get physical

[fluffernutter]

I'm sure if all things are equal for any particular phone design, no corporation purposely ignores the customers. The question is whether they listen to the customers like you who have reasonable requests, or if they find a separate group of customers who will be easily manipulated into spending more money. Apple is really, really good at the latter.

Re: Let's get physical

[omnichad]

Yes, Samsung has lots of *hot* features that other makers don't have.

Re: Let's get physical

Wait for the 8 they'll introduce the 3.5mm back claiming they invented it.

Re: Let's get physical

[omnichad]

If there's enough left of the phone when the battery comes out...

Yawn

[sometext]

This guy does this every time a new version of iOS comes out and he never releases it publicly. For all we know it's been the same exploit all along.

Re:Yawn

[somenickname]

Seems like it would be easy for Apple to fix this: Just raise the prices until 19 year olds can't afford the iPhone 8. Problem solved.

Re:Yawn

Success through obscurity!

I've also hacked every new Apple product's firmware within 24 hours, but am not going to release any methods. I am also definitely an 18 year old leet haxor called cali^babe^17^ working alone.

Rules of any hacking community:
1. Without proof, the hack doesn't exist.
2. Without proof, the author isn't the publisher.

1 is easy to fix. 2 is for those who believe that big exploits are all released by mysterious little kids.

Re:Yawn

They'd be smart to introduce him to some smoking hot 18 year old chick with an Apple tattoo. He'd be too busy rooting something else to bother with the phone.

Re:24 Hours?

Whenever anyone does anything they're going to build on their past experiences and already established skills. Whether they're doing a Rubik's cube or a crossword or running a race, there's always going to be an 'undisclosed amount of time to develop' that preceded it. I don't see that that invalidates timing how long they took over the latest challenge.

The best part was...

[squiggleslash]

....he was able to use the hack to re-enable the headphone jack.

Re:Apple needs side loading / 3rd party app stores

[Scorpinox]

You can easily side load a lot of stuff yourself using the free personal developer accounts. The apps expire after 30 days though so you have to keep re-adding it every month. I've got a couple apps on my phone that apple would never approve on the store, no jailbreaking.

kthxapple

[SeaFox]

Apple responded to the news by saying, "Apple strongly cautions against installing any software that hacks iOS."

Luca responded that it took "courage" to talk about his exploit and possibly withholding it from Apple.

Re:kthxapple

[geekmux]

Apple responded to the news by saying, "Apple strongly cautions against installing any software that hacks iOS."

Luca responded that it took "courage" to talk about his exploit and possibly withholding it from Apple.

I say he offers it in exchange for a headphone jack.

Clearly

[The-Ixian]

This demonstrates how full of security holes all our devices are.

Apple prides itself on security, yet even their products are like swiss cheese.

Re:Clearly

[cfalcon]

Most iPhone jailbreaks rely on the phone opting in to the exploit, they usually aren't just "get text message, get owned". That's a different class of security vulnerability.

Of course, there are exceptions, like the one used recently that got patched within days.

Re:24 Hours?

[evileeyore]

if you look at this twitter feed he was talking about the new software/hardware weeks ago. so yeah has been working on it for a while.

Re:24 Hours?

[someone1234]

You all got this wrong, It is the actual jailbreaking process that takes 24 hours.

Re:24 Hours?

[StikyPad]

Because he likely used an existing exploit and changed some addresses for the new OS/Hardware. That's not the same as discovering a new vulnerability and exploiting it in the same amount of time. It's like remarking that someone had a baby less than 24 hours after getting married, and not understanding how that could be possible.