Web application security specialists keep looking for a jailbreak method to exploit potential vulnerabilities present in iOS operating systems. Recently, expert Luca Todesco released a tfp0 exploit for iOS 13 beta 2 that opens up huge possibilities for the jailbreaker community.
Although not certain about the current development stage of this project, Todesco has published some details on the progress in its jailbreak project.
Web application security specialists mention that tfp0 is a kernel task port. The success of jailbreak would depend on this implementation, as developers can write to the kernel memory of the platforms.
After testing, Todesco may not post more details about the tfp0 exploit. In addition, the jailbreak’s release date still looks far away, as the iOS 13 operating system is still in development and its builds remain unstable.
A couple of months ago the hacker known as @iBSparkes on Twitter, posted a video showing the existence of a zero-day vulnerability in beta 1 of Apple’s iOS 13 system. This beta version had barely been released by Apple a day before the video was released, at the end of the WWDC 2019 home conference; in other words, it took the hacker only twelve hours to find the flaw.
After displaying a device running the iOS 13 beta, the hacker launched an unknown app from the second home screen, possibly containing the proof-of-concept code for the vulnerability; immediately after launching this app, the device crashed.
According to web application security specialists at the International Cyber Security Institute (IICS), the iOS 13 jailbreak may be available before the release of the final firmware version in September this year. If you want to upgrade to iOS 13 beta 2 in the hope that a possible jailbreak will be launched, we recommend that you stay in your current iOS 12 – 12.1.2 settings. Do not update to the latest build as Apple has stopped signing iOS 12.3.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
