Google releases a tool that helps security researchers hack iPhones
Ian Beer, a well-known name among iOS bug bounty hunters who works for Google Project Zero, released a proof-of-concept tool on Monday that allows security researchers and other developers to hack into iOS 11.1.2, a recent version of Apple’s operating system. This could open up the possibility of jailbreak for devices such as iPhones and iPads running iOS 11.1.2.
For those unaware, Google’s Project Zero identifies bugs and exploits in all kinds of software of various companies to make them safer.
According to Beer, the tool released takes advantage of an exploit called “tfp0”. Beer says the tool was tested on iPhone 6s, iPhone 7 and iPod touch 6G. However, he believes that with some tweaks, the tool should work on all devices.
“tfp0 should work for all devices, the PoC local kernel debugger only for those I have to test on (iPhone 7, 6s and iPod Touch 6G) but adding more support should be easy,” Beer wrote .
The Google researcher last week teased this release in a tweet that asked the iOS 11 kernel security researchers to keep a research-only device on iOS 11.1.2 or below raising sparks of a fresh exploit of the OS.
“If you’re interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon,” Beer said at the time.
Speaking to Motherboard, Google told that Beer’s goal is to allow other security researchers to explore and test iOS security layers without the need to develop and find their own exploits. In other words, Google gave other researchers a head start to carry out their own research.
According to Google, their ultimate goal is to help security researchers search and find other potential vulnerabilities and hopefully report them to Apple so that they get fixed and the operating system is made safer.
“While it might seem surprising that Google would release a tool to hack a device from a competitor, it actually makes a lot of sense. The iPhone is one of the hardest consumer devices to hack, and researchers who can do that and are able to find bugs in it rarely report the bugs or publish the tools they use because they are so valuable”, said Motherboard.
However, the disclosure opens up the possibility for the jailbreaking community to bootstrap an iPhone jailbreak until Apple issues a fix.