The cat-and-mouse game between Apple and hackers has continued for years with small victories on each side, but hackers appear to have scored an atypically large win this morning: a permanent and unpatchable bootrom exploit for all iPhones and iPads using A5, A6, A7, A8, A9, A10, and A11 series processors — a range covering everything from 2011’s iPhone 4S through 2017’s iPhone 8 and iPhone X.

iOS security researcher Axi0mX publicly released the Checkm8 exploit this morning as a free open source jailbreaking tool, promising that it will even work on phones running the latest versions of iOS. A similar technique has been used by Cellebrite and Grayshift to hack iPhones for surveillance purposes, leading Apple to protect newer iPhones against the exploit with more secure A12 Bionic and A13 Bionic chips.

There are limitations. The iOS device needs to be physically connected via USB for the initial jailbreak, and the exploit doesn’t work remotely. Axi0mX also notes that it isn’t “perfectly reliable yet,” and has only been tested on a MacBook Pro.

But as of now, it can be used to decrypt an iOS device’s keys, dump SecureROM, and enable JTAG testing access. Going forward, it’s expected to enable downgrading to older iOS versions, dual-booting of OSes on jailbroken devices, and a full bypass of iCloud security measures.


Despite the potential impact on “hundreds of millions of iOS devices,” Axi0mX suggests that the exploit “makes iOS better for everyone,” as it will enable jailbreakers to use newer and more secure iOS releases, and increase the rapid reporting of other vulnerabilities to Apple. Apple now offers bug bounties of up to $1 million for serious unaddressed issues.
