It’s been a while since we’ve seen a reliable iOS jailbreak. You’d have to go back to iOS 10.2.1 to find a working version that’s widely known. Since the last working exploit, the jailbreaking community has mostly gone dark, with repositories left unmaintained (or closed) and a group of once cooperative hackers now at odds with both each other and those hungry for future exploits.
Our own Abhimanyu Ghoshal even penned a piece arguing that the cat-and-mouse game between exploit-hunting hackers and Apple developers was, well, pretty much over.
That’s until a recent tweet by Google researcher Ian Beer, anyway.
If you're interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below. Part I (tfp0) release soon.
— Ian Beer (@i41nbeer) December 5, 2017
Beer’s tweet doesn’t exactly give away the ending, but popular opinion seems to suggest he’s working on, or perhaps close to revealing, a jailbreak for iOS version 11.1.2 or below.
A Motherboard piece seems to follow this logic, with a caveat — which we’ll get to in a moment.
Ian Beer is a Google Project Zero security researcher, and one of the most prolific iOS bug hunters. Wednesday, he told his followers to keep their “research-only” devices on iOS 11.1.2 because he was about to release “tfp0” soon. (tfp0 stands for “task for pid 0,” or the kernel task port, which gives you control of the core of the operating system.) He also hinted that this is just the first part of more releases to come. iOS 11.1.2 was just patched and updated last week by Apple; it is extremely rare for exploits for recent versions of iOS to be made public.
The reason this is so big is that iOS 11 was only updated last week. A public jailbreak for a recent version is rare, as these are the sort of exploits that typically net a nice payday for bug bounty hunters (or blackhat hackers). But Beer, a Google employee working on iOS exploits as part of his day job, would have little incentive to chase these types of rewards (and is perhaps contractually obligated not to).
As for the likelihood Beer will deliver, it’s hard to doubt him. He’s the same researcher who released exploits for iOS 10.1.1 and 10.3.2 in the past. And according to Motherboard, he’s found several zero-days in iOS during his time at Google.
But before you get too excited, it’s important to note that whatever Beer releases probably won’t be a full-blown untethered jailbreak, meaning you’ll have to plug in the device each time it boots. Sorry kids, the days of one-click exploits are long over.
What security researchers we spoke with all seem to agree on, however, is that it’ll provide the pieces needed for the jailbreak community to, perhaps, figure out the rest.