iOS 9.3.4 update credits Team Pangu for closing jailbreak hole

The irony of Apple's latest security bulletin is perhaps not lost on the jailbreaking community. A mere days after the said community rejoiced over the release of a jailbreak tool for the current iOS 9.3.3, Apple releases an iOS 9.4.4 update that, though not explicitly saying so, practically plugs up the exploit used to jailbreak the iPhone. As if adding insult to injury, the bulletin specifically names Team Pangu, the popular hacking team devoted to jailbreaking iOS.

Of course, Apple is merely citing the group as perhaps those who discovered, and then exploited, the bug. Considering who Team Pangu is, it is undoubtedly a bug that closes the doors to jailbreaking yet again.

The situation merely highlights the game of cat and mouse that Apple and the jailbreaking community always play. Apple releases an iOS update that plugs up security holes, then developers hunt for bugs that they can use in order to jailbreak the device to give users access to more features than Apple would allow. In this particular instance, the bug allowed arbitrary code to run with kernel level privileges, which is to say complete access.

The update will undoubtedly irk the jailbreaking community, though it isn't exactly surprising. Each iOS version has become increasingly to jailbreak. At the same time, Apple continuously adds features that remove the need to jailbreak devices. Of course, there are still some reasons left and Apple is unlikely to cater to everyone's needs or wishes.

Since it is practically a security exploit, jailbreaking carries it own heightened risks, something that was also highlighted in a fresh incident involving Team Pangu itself. An allegedly tainted copy of a jailbreaking tool for iOS 9.3.3 was reported to have compromised users' Facebook accounts, credit card and PayPal information. Although Team Pangu may be clear of wrongdoing, the case does demonstrate who jailbreaking exposes users to hacking even more and requires more vigilance and work to keep their devices and data safe.

VIA: Ars Technica