New security updates overtake jailbreak advantages.

There are just so many privilege escalation fixes in the latest iOS 12.2 update. I finally removed the jailbreak from my primary device and updated.  Privilege escalation is when an unprivileged or user process (like an app from the app store or even a web page*) gets root or even kernel authority.  This is when bad turns to worse because it can do and see anything with any of the device’s data or sensors.   Since even the big trusted apps have been caught tracking or stealing data, I simply couldn’t leave myself unprotected any longer.

I’ll still of course keep a development device jailbroken on 12.1.2 for all of the reasons. It was a wonderful experience, only slightly beta. I appreciate all the hard work by everyone in the scene. I think I am going to hate seeing the home bar again the most.

* Web pages are often sandboxed separately from the app itself. Some might argue that a webpage would first have to escape the sandbox before it could escalate privileges. This is true, but I would respond that sandbox escape is just another form of privilege escalation, only one level down. There are also over a dozen WebKit fixes in this update.

Open source artisanal iOS Jailbreak released using only grass fed locally sourced exploits.

Cydia - Package management system for Jailbroken iOS.

A long time in the works, this is the first completely open source jailbreak to be released for an almost current version of iOS (11-12.1.2). This is an interesting jailbreak. It is semi-tethered, but unlike previous jailbreaks, this can at least be untethered from the device itself. Using Cydia Impactor, you can side load the unc0ver app and install the jailbreak directly from the app. It also allows the easy rejailbreak upon reboot or battery drain. Great work all around despite the remaining bugs and instability (it is still beta). Huge thanks to the efforts of @pwn20wnd and @sbingner. To be honest, there are very few tweaks and apps that are ready for iOS 12, but I am excited to see the tradition of jailbreaking continue. I have Cydia again! For the first time since I closed down my own Cydia repo. C’mon developers, do your thing!

iOS jailbreak 12 unc0ver iOS 12 jailbreak -Cydia on iPad Pro
In truth, I never got it going on my phone, only my iPad. I get a crash on my phone immediately after this dialogue comes up. It took a few passes to get a picture (this one extracted from a screen record). Not sure exactly what went wrong, but “Unexported kernel task port” is my best clue. With my phone crashing as soon as it becomes untethered, I am never actually able to run Cydia. On my iPad, instead of rebooting, it resprings. Either way, it is very hard to read the final message.

iPhoneX iOS 12 unc0ver jailbreak fail

UPDATE:  This problem was resolved in b38.

iOS 11! installed!

Looking good with exciting new Control Center and loads of other features. My favorite is 5x sleep to disable Touch ID (instantly and temporarily). I am looking forward to the new Augmented Reality features built into ARKit. I cannot wait to see what developers do with it.

There are a few sticky wickets (i.e. Apple changed the Bluetooth and wifi toggle functionality in Control Center). For example, if you “turn off” wifi it actually just disassociates you from your current network, leaving your wifi radio on and functioning. I don’t mind because I wanted exactly this feature. If you actually want to turn off a radio, you need to go to your Settings app or turn on Airplane mode.

Apple Maps is stepping up their game with indoor maps of malls, airports and others allowing navigation without GPS or even a view of the sky. Easy trick to share your complex wifi password with other Apple devices and of course native animated GIF support!


Wasting my time at the Apple Store

I’m at the Apple Store resolving an issue with my iPhone camera. The same camera jitter that is already an extended replacement with Apple for the iPhone 6 Plus. No warranty left and no love for my 6s Plus. They wanted to charge me $80. After begrudgingly agreeing and waiting an hour for the repair, I returned to a phone with a completely non-functioning camera. Whoops.

Final iPhone Backup Before Apple Replacement

I hurriedly backed up my phone in preparation for Apple replacing it. I have now been here for 3 hours. I spent most of my time waiting for someone. Now waiting for activation of the new phone. Then waiting for restore. In all, my customer service experience was much worse than expected. After very helpful and accommodating internet support, I received absolutely terrible support from the Apple Store itself. When I asked to complain to a manager, the “Leader” they brought out was condescending and robotic in his rhetoric. The 2nd guy was a lot more understanding, but Apple needs to take a hard look at their customer service.

End of an era! cydia.be3n.com shuttered after 7+ years!

In truth, I haven’t touched it in years. I haven’t even touched Cydia recently. Sadly, all this work would only be useful for someone with an original or 3G iPhone. Apple certainly doesn’t support those devices anymore. Does anyone still use them? Unfortunately, my ISP insists that I remove the content. After 7 years of hosting it, they realized it violates TOS. I should check the logs. I wonder if it will even be missed. People say the internet never forgets. Sometimes it is quite the opposite. For nostalgia’s sake, I left the instructions site up: http://cydia.be3n.com/ (at least that doesn’t violate Dreamhost TOS). For the record, much of my work continued support well into iOS 4.

cydia.be3n.com site

. . . Maybe it will rise again on S3?

Bizarre FaceTime error could have horrifying security implications!

I just got off a very strange call. Apparently, a complete stranger received a FaceTime request from me. “Butt Dial” right? No big deal. Not this time. At the time, I was in the middle of a FaceTime call with my dad. I am almost certain I know exactly when it happened because I noticed a call-waiting style interruption on our call. The first strange thing I noticed was that the incoming caller was my dad. The same dad I was presently talking to. I rejected the call, thinking it was my dad accidentally calling from a different device. Then, moments later I get a mobile call from another LA number. This time from an irate husband demanding to know why I would FaceTime his wife. Unfortunately, I may have given them the wrong impression by asking questions of them. The IT guy inside me wanted to figure out what just happened. Needless to say, they didn’t enjoy being grilled. I barely had time to get out a few apologies; I don’t think they even realized that I hadn’t actually even called them. I did get some answers. They were not on a call at the time. They were not even on the device. My call history shows no outgoing calls save my dad. My dad’s history doesn’t show the missed call on my history from him. I am almost certain I will never know what actually happened. I am guessing that Apple’s FaceTime system might be a bit more duct tape and spit than we were led to believe.