iOS 12.4 Jailbreak Made Possible By A Mistake At Apple’s End, Here’s What Exactly Happened
An oversight on Apple’s part during the development and subsequent public release of iOS 12.4 set in motion a series of events which ultimately led to the release of a public-facing jailbreak. Apple may be passionately against jailbreaking, but it appears that in this instance, it has helped it along.
Apple released the iOS 12.4 update into the public domain on July 22nd, 2019. That release offered a number of fixes, including a resolution for a Walkie-Talkie security flaw and an overhaul to the Apple News+ experience.
The iOS 12.4 release also included the initial groundwork for the release of Apple Card. It also included something vitally important to security researchers and those in pursuit of device liberation: a regression relating to a previously fixed security flaw.
Apple will be kicking itself internally for making this mistake, and we’re very sure that heads will have rolled in Apple’s internal engineering teams, but the iOS 12.4 release has made history by paving the way for the first public-facing jailbreak in a number of years to be available on an up-to-date firmware version. Jailbreak developers and security researchers are usually playing catch-up, in that public-facing jailbreaks are often available for outdated versions of iOS. Currently, iOS 12.4 is the latest user-facing firmware available for iPhone and iPad, and it has a jailbreak available in production.
A regression of this nature is a huge faux pas for a company of Apple’s size. Apple’s engineers had previously been aware of the bug used and had patched it with the release of iOS 12.3, which, of course, meant that developers and security researchers couldn’t exploit it beyond iOS 12.x.x. Last month’s iOS 12.4 release rolled back those fixes, and that allowed developers like Pwn20wnd to quickly incorporate work on the vulnerability into their jailbreaks in order to offer a production solution to the jailbreak community.
It’s almost guaranteed that Apple will be actively working to re-patch this issue with a future iOS release, but it’s currently unknown if that will come as an iOS 12.4.x release or if Apple will bundle that improvement into the public release of iOS 13 next month. No doubt someone in the security research field will write about this and discuss the issues at conferences, but for now, Apple’s internal failure is working out very well for jailbreakers.