A View from Tom Simonite
Military Malware May Have Killed the iPhone Jailbreak
Malware developers will pay large sums for the bugs needed to loosen Apple’s software restrictions.
Since the debut of the first iPhone, Apple has played a cat-and-mouse game with hackers who want to install “unofficial” software onto their locked-down devices. That game may be about to end thanks to the booming business in state-backed malware.
The race between Apple and the hackers goes like this: hackers develop and release software that can “jailbreak” an iOS device so it can be tinkered with freely, then Apple neutralizes the new method with a software update. The latest round started in early February when a group of coders known as Evad3rs released their latest jailbreak tool, evasi0n, and Apple appears poised to release a patch soon.
All that could soon be over because jailbreaks work by exploiting previously unknown bugs in Apple’s software. Those are also known as “zero days” and are now very valuable to people building sophisticated malware for the purposes of surveillance and industrial espionage (see “Welcome to the Malware-Industrial Complex”). People with knowledge of the market for vulnerabilities say the value of iOS bugs is high enough to make selling a bug much more attractive than working it up into a new jailbreak method.
Charlie Miller, a hacker famous for demonstrating ways to hack the iPhone and other Apple products, tweeted around the time of evasi0n’s release that it would likely be the last. He listed five reasons, including that Apple has tightened the security of its products and that a person who found a zero day for iOS could “sell it to make $250k.”
The cofounder and CTO of mobile security company Lookout, Kevin Mahaffey, gave a higher estimate earlier this week, telling me that the “current price” of iOS zero days is $500,000. The Evad3rs have a donation button on their jailbreak site but whether it could raise amounts competitive with such sums is unknown.
The zero day market is a shadowy one, so getting a price like those estimated by Mahaffey and Miller would require having the right connections. Apple’s work on making iOS tougher to crack may make that more likely, since finding a zero day for the operating system has become a more elite pursuit. Zero days for mobile systems are particularly valuable because they are rarer than for conventional computer systems, people are less wary of security threats on mobile devices, and they tend to stay undiscovered and unpatched for longer.
All that means that evasi0n may be the last of the publicly available jailbreaks. Jailbreaks will still be around, but only intelligence agencies and military will be doing them. What Apple thinks of that is anybody’s guess.