Ian Beer To Release tfp0 Exploit For iOS 11.1.2 And Below, Potentially Leading To Jailbreak
Ian Beer has taken to Twitter to let the jailbreak community know that he plans to release a tfp0 exploit for Apple's iOS devices running iOS 11.1.2 and below.
Beer is already well-known and respected in the security world thanks to his work with Google and the Project Zero team, but his name is fast becoming famous in the jailbreak world after he discovered multiple security vulnerabilities in iOS and macOS, which have previously forced Apple to rewrite parts of the kernel belonging to those platforms.
This latest discovery could be one of the biggest pieces of the jigsaw for a modern jailbreak on compatible devices. It's worth mentioning that this discovery and potential release is not a fully working and functional jailbreak that will liberate compatible devices running iOS 11.1.2 or below. Instead, this is what is being defined as a tfp0 exploit (tfp0 is short for task_for_pid(0), meaning access to the kernel's task port), which essentially allows those with the necessary skill sets and knowledge of Apple's iOS platform to run unsigned and unofficial code at the kernel level. This is basically the highest level of privilege possible, meaning that in the right hands, and with the right exploits such as Luca Todesco's yalu102 KPP bypass, this could be a significant part of putting a jailbreak together for iOS 11 (iOS 11.0-11.1.2).
Working with security and finding these types of vulnerabilities may be Beer's day job, but at no point has he ever stipulated that he is working on a jailbreak release which utilizes his findings. His tweet suggests that anyone who is interested in "bootstrapping iOS 11 kernel security research" should prepare themselves a "research-only device on iOS 11.1.2 or below". He then goes on to mention that the "Part 1 (tfp0)" release will be coming soon. No additional information was provided with the tweet.
Interestingly, the tweet is actually the first to come from the @i41nbeer Twitter account, which was only created during December. That alone could make it look slightly suspicious if it wasn't for Ben Hawkes, also of the Project Zero team, confirming that the account does belong to his colleague, and then taking the opportunity to mock the expected response of the jailbreak community with the "wen JB eta" text inside the confirmation tweet.
For those who are currently running iOS 11.2, it could be the perfect opportunity to downgrade to an earlier version of iOS 11 in the event that this is used to create a functioning jailbreak. At the time of writing this post, Apple is still signing iOS 11.1.2 for all devices. Downgrade while you can!