Pangu Jailbreak Team To Speak On iOS 8 Exploits At A Security Conference In U.S.
The Pangu jailbreak team has announced on Weibo that a number of its prominent members will be attending this year’s Black Hat USA, a conference intended for the InfoSec community that has been held annually in Las Vegas for the last eighteen years. After recently demonstrating an iOS 8.3 jailbreak at the MOSEC security conference in Shanghai, this new forum should provide an excellent playground for the team to discuss the security design of Apple’s iOS in greater detail.
It’s perfectly understandable that a lot of the attention will now be focused on iOS 9, especially considering it has officially made its first public outing during Apple’s WWDC 2015 keynote earlier this week. Even more so, TaiG – another prominent team in the jailbreak scene – has revealed that it is currently diverting its focus on an iOS 9 jailbreak, with no intention to release an iOS 8.3 or iOS 8.4 jailbreak solution just yet. Pangu Team however, is currently focusing all of its collective efforts on iOS 8.3/8.4 and will discuss the security of the current-generation firmware in a talk that is titled “Review and Exploit Neglected Attack Surfaces in iOS 8“.
The two-day main event will take place in Las Vegas between August 5-6 and will feature the talk presented by Pangu Team members Tielei Wang, Hao Xu, and Xiaobo Chen. As part of its official postings, the Pangu Team has provided a rather technical overview of what will be discussed in greater detail during the presentation:
The security design of iOS significantly reduces the attack surfaces for iOS. Since iOS has gained increasing attention due to its rising popularity, most major attack surfaces in iOS such as mobile safari and IOKit kernel extensions have been well studied and tested. This talk will first review some previously known attacks against these surfaces, and then focus on analyzing and pointing out those neglected attack surfaces. Furthermore, this talk will explore how to apply fuzzing testing and whitebox code auditing to the neglected attack surfaces and share interesting findings.
Like we said, the presentation is aimed primarily at the experienced InfoSec community and will likely go immediately over the head of average iOS device users.
It was only yesterday when we heard that another Chinese group ‘Keen Team’ is working on an iOS 9 jailbreak with support from the Pangu Team. Judging by how things are going, we’re expecting some good news from prominent jailbreak teams in the days and weeks to come, so stay tuned.