The security researcher who developed the “Checkm8” exploit has continued working, and has demonstrated an iPhone X booting in verbose mode with the aid of the exploit that was revealed on Friday.
According to “axi0mX.” the jailbreak took only seconds on an iPhone X running iOS 13.1.1. As the exploit is in the boot ROM, the operating system version isn’t really relevant to the exploit, as the security chain is broken before the device gets to the patchable iOS part.
As before, the exploit still requires a tether, meaning a connection to a computer. Additionally, a reboot will prevent any system modifications like keyloggers installed during the jailbreak from loading, and restores the Secure bootchain.
HACKED! Verbose booting iPhone X looks pretty cool. Starting in DFU Mode, it took 2 seconds to jailbreak it with checkm8, and then I made it automatically boot from NAND with patches for verbose boot. Latest iOS 13.1.1, and no need to upload any images. Thanks @qwertyoruiopz pic.twitter.com/4fyOx3G7E0
— axi0mX (@axi0mX) September 29, 2019
As the developer of the exploit said on Saturday, the demonstration is the next logical step in developing a new and full jailbreak. Because of the limitations involved in a boot ROM exploit and the Secure Enclave engineering in the iPhone 5s and later, it still doesn’t imply anything further in regards to device security.
The exploit works on any iPhone up to and including the iPhone X. User data and passcode security is maintained with any device that includes a Secure Enclave, including the iPad Air and newer, iPod touch seventh generation, and the iPhone 5s and newer.