Jailbreaking iPhones have become less trendy in recent years, partly because Apple has provided many of the functionality and security that users have been asking for. The other reason is that each iOS release has made it more difficult to find exploits that would give hackers entry to jailbreak those mobile devices. It is then quite ironic that the latest update, in fact, does the exact opposite, allowing them to create the first public jailbreak release in quite a long time.
Jailbreaking and its Android counterpart, rooting, are pretty much hacks that exploit vulnerabilities that, in turn, give users privileged access to an otherwise closed system. Naturally, platform makers like Apple have been closing those security holes because, aside from granting users privileged access, they can also give hackers the ability to bypass iOS security.
As such exploits became less common, jailbreaks have also become more secretive and less publicized. Security researchers and forensics companies seek to profit from the hard work put into looking for and taking advantage of those holes. Fortunately for hackers like Pwn20wned, however, Apple itself provided the keys to one door that made it too easy to develop a new jailbreak that, probably because of the ease, was released freely to the public.
iOS 12.3 patched a security bug reported by Google’s Project Zero but was mistakenly reverted in iOS 12.4. The kernel vulnerability could be paired with a Safari bug that can then be used to monitor users’ browsing habits without their knowledge. Now that exploit has been used to develop a jailbreak that works all the way up to iOS 12.4 though skipping iOS 12.3.
It isn’t a complete victory for jailbreakers, of course, as Apple will most likely roll out a patch soon that plugs up that hole again. That said, even non-jailbreaking iPhone users should be more careful with their browsing now that Safari and their iPhones are once again vulnerable to hacking.