In 2020, Android phones can jailbreak an iPhone too. On March 5, a Twitter user said he had successfully run the Android 10 system on Apple's iPhone 7. Jailbreaking and flashing are nothing unusual, but the innovation here is using an Android phone to flash an Apple device and run Android on an Apple phone. The product is called Project Sandcastle: the Apple system is a bordered sandbox, and sandcastles give you an opportunity to create something new with boundless imagination.
Jailbreaking Is in Decline, but Corellium Is Still There
Jailbreaking has been around for as long as the iPhone itself. The iPhone came out in early 2007 and was jailbroken within days; Cydia, the open-source software store that grew out of jailbreaking, even appeared five months before the App Store. In the early days of the Internet, jailbreak news often swept across the whole country.
Why was jailbreaking so popular? Unlike Android, iOS is a high-walled "prison", and the early system experience was poor and restrictive: users could not replace ringtones, set custom wallpapers, change the system UI, or transfer files over Bluetooth. App Store software was not as interactive as on Android, and much of it required a paid download. The system was also out of line with the usage habits of Chinese users.
After a jailbreak, these problems are easily resolved: applications can interact with iOS at a low level, and users get the highest privileges on their phones, so they can add, remove, adjust, or enhance operating system features.
More than a decade later, jailbreaking is very simple. Online searches are full of tutorials: install a tool such as JailbreakMe, redsn0w or evasi0n on a computer, connect the phone, and the tool handles the rest.
But jailbreaking is fading, especially after Jay Freeman, the father of Cydia, announced the official closure of the decade-old open-source store in 2018. It's important to note that Cydia is not gone: users can still download software that they purchased on Cydia in the past, and only purchases of software from the BigBoss source are prohibited.
There are several reasons for the closure, the first being Apple's efforts. The battle between Apple and jailbreak geeks never stops: Apple upgrades its systems to close loopholes, improves and enriches features and the product experience, and divides the group through various rewards, recruitment and hacking.
The second is the formation of the mobile ecosystem, the explosion of apps, and the change in business model from mostly paid downloads to free downloads with charges for value-added services.
Third, under the influence of the reasons above, jailbreaking has become more cumbersome and less necessary, the number of jailbreak users has started to fall, and the returns for geeks have taken a hit as well. Seven years after data showed that Cydia had tens of millions of users and nearly $250,000 a year, Jay Freeman said, "This service cost me money, and I don't have any enthusiasm to maintain it."
Corellium, a start-up team that remains in the field, was founded in 2017 in Delray Beach, a city in southeastern Florida. Its product is an iOS virtual machine (simulator) called Corellium, which is the source of the company's name.
Corellium has seven registered employees on LinkedIn, and co-founders David Wang (@planetbeing) and Chris Wade (@cmwdotme) belong to the first generation of iPhone jailbreakers.
Ten years ago, they teamed up with many other iOS engineers to port Android to the earliest iPhones. Ten years later, building on its virtual machines, Corellium released Project Sandcastle, a new flashing tool, in less than a month.
The product is still in beta (https://github.com/corellium/projectsandcastle/). Project Sandcastle lets you install Android on an iPhone 7 or iPhone 7 Plus, using the checkra1n tool for the jailbreak.
Users only need to prepare a rooted Android phone with the tool installed and put the iPhone or iPad into DFU mode (a forced firmware upgrade/downgrade mode), and Project Sandcastle will "auto-magically" do its job.
Project Sandcastle has many "firsts": the first to successfully crack iOS 13, the first to support jailbreaking from Android, and the first tool to run on Linux. In addition to Linux, it currently runs on the Mac, but it does not support Windows.
Project Sandcastle, of course, isn't a perfect jailbreak tool. Corellium says Android can only run on the older iPhone 7 and iPhone 7 Plus, and supports only some of the underlying hardware. In addition, the phone is still very sluggish, and the jailbreak is only temporary: it is lost once the phone restarts. That last problem has been common in the past, though, and now that an Android phone can perform the jailbreak as well, things have at least become more flexible and convenient for users.
Epic Vulnerability and Jailbreak Risk
Project Sandcastle is based on the checkm8 bootrom vulnerability. The vulnerability was announced on Twitter in September 2019 by an iOS researcher, @axi0mX, who called it a "rare vulnerability in decades" and an "EPIC JAILBREAK". He named it "checkm8", read as "checkmate", the chess term. GitHub: https://github.com/axi0mX/ipwndfu
The bootrom is read-only memory that contains the first code loaded when the system starts. It cannot be written to and is only read when the iOS device starts up and loads its initial code; the checkm8 vulnerability allows reading and writing against this otherwise unwritable ROM. And because the vulnerability is in the hardware, Apple cannot patch it with an iOS update.
The checkm8 vulnerability is found on Apple devices with A5, A6, A7, A8, A9, A10 and A11 series processors, affecting devices from the 2011 iPhone 4S to the 2017 iPhone 8 and iPhone X.
But Apple has patched the bug since the A12, so the iPhone Xs, iPhone XR, iPhone 11 series, and third-generation iPad Pro devices are all unaffected.
Jailbreaking brings convenience and risk side by side. The security implications include being unable to update Apple's system and install the latest security patches, which makes devices more vulnerable to hackers and malware and can result in the theft of users' private information or loss of funds. In August 2015, the well-known vulnerability platform Dark Cloud disclosed a red envelope jailbreak plug-in that led to the leak of the Apple IDs of 220,000 jailbroken Apple devices in China.
The checkm8 vulnerability is even more dangerous. If a user loses their phone, criminals can use the vulnerability to bypass Apple's iCloud account lock and steal user information. When it was disclosed, the vulnerability caused a public sensation, with some media claiming that it would affect hundreds of millions of devices. However, there has been no news of any incident carried out through the vulnerability, because even if a device is jailbroken, the files on it are still encrypted.
In addition, a checkm8 jailbreak that is not handled properly can easily damage the phone's system. The vulnerability is permanent and cannot be patched: fixing any ROM vulnerability requires physical modifications to the device chipset, which no company can make without a recall or a large number of replacements. Nor can you rely on the warranty, since a jailbroken device loses access to all warranty policies.
For jailbreak users, the risk is the theft of money and information; for jailbreak geeks, there is also the risk of being sued by Apple.
Corellium and Apple have been embroiled in several legal disputes. In August 2019, Apple filed a lawsuit against Corellium, alleging that the company had illegally copied the operating systems, iTunes and other user interface technologies that run on Apple devices without Apple's official authorization, infringing its copyright. In late December, Apple amended the lawsuit to say that the jailbreak violated the Digital Millennium Copyright Act (DMCA) and that Corellium was actually promoting jailbreaking.
Corellium also issued two separate statements in November and December denying that it had violated the DMCA and saying Apple was demonizing jailbreaks and stifling developer innovation. "We've spoken to Apple for the past two years and they've never suggested that Corellium is infringing copyright," Corellium said, according to media reports, adding that Apple had encouraged the continued development of the technology and that Corellium had participated in an invitation-only security incentive program.
There's no denying that, over more than a decade of coexistence between jailbreaking and Apple, iOS has grown more quickly into today's secure and easy-to-use system. Many iOS features first appeared as jailbreak tools, such as night mode, Control Center, and context menus. Setting aside the black market and its ulterior motives, one of the purposes of most geeks who study jailbreaks is to make iOS better and safer.
In fact, it's not just Apple jailbreaking that is fading; Android rooting is dying too. The jailbreak army has gradually dispersed, but the spirit of the geeks will always live on.