Georgia Tech Researchers Jailbreak iOS 7.1.2

*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************

Atlanta, GA | Posted: August 12, 2014

Contact

Sylvia Carson

Research Communications Officer

scarson@cc.gatech.edu

Sidebar Content
No sidebar content submitted.
Summaries

Summary Sentence:

Details of findings presented at Black Hat USA 2014

Full Summary:

No summary paragraph submitted.

Media
  • Researchers Jailbreak iOS 2014 Researchers Jailbreak iOS 2014
    (image/jpeg)

Security researchers at the Georgia Tech Information Security Center (GTISC) discovered a way to jailbreak current generation Apple iOS devices (e.g., iPhones and iPads) running the latest iOS software.

The jailbreak, which enables circumvention of Apple’s closed platform, was discovered by analyzing previously patched vulnerabilities with incomplete fixes.

It shows that quick workarounds mitigating only a subset of a multi-step attack leave these devices vulnerable to exploitation. Patching all vulnerabilities for a modern, complex software system (i.e., Windows and iOS) is often difficult due to the volume of bugs and response-time requirements.

“Our work shows that software vendors must patch all publicly disclosed threats, as they may be exploited in other, equally disruptive attacks,” said Yeongjin Jang, one of the Ph.D. students who led this study.

During Black Hat USA, held from Aug. 2 to 7 in Las Vegas, the GTISC research team  disclosed the process for jailbreaking the current version of iOS (7.1.2) on any iOS device, including the iPhone 5s.

“We start by finding new ways to exploit vulnerabilities with incomplete patches,” said Tielei Wang, a GTISC faculty member who worked closely with Jang as lead of the project. “Then, we use those vulnerabilities to discover new avenues of attack. We’ll detail these vulnerabilities and the exploit techniques that we developed.” 

The research team includes Ph.D. students Yeongjin Jang and Byoungyoung Lee, and research scientists Tielei Wang and Billy Lau.

Additional Information

Groups

College of Computing

Categories
No categories were selected.
Related Core Research Areas
No core research areas were selected.
Newsroom Topics
No newsroom topics were selected.
Keywords
Apple iOS, Black Hat USA, Press Release
Status
  • Created By: Brittany Aiello
  • Workflow Status: Published
  • Created On: Aug 11, 2014 - 12:47pm
  • Last Updated: Oct 7, 2016 - 11:16pm