Jailbreaking Mobile Devices 2020
Now you might ask yourself “Is this 2010?” since we are talking about Jailbreaking and Rooting phones. The answer is no, but it could be increasing in popularity again for everyday users to begin opening up mobile devices to dangerous third-party stores and applications after by-passing manufacturer’s security settings.
If you don’t know what jailbreaking or rooting a device is, here is some background. Once Apple introduced the iPhone, a lot of nerds… um technically inquisitive people wanted to begin challenging one of the key features surrounding the device and that was the lock down and control of what could be installed, modified and enhanced on the device and its applications. Apple limited users to only download applications from their App store (which is still the case today) and tightly controlled the applications that it allowed to be presented on the app store. Their position was that they knew how the device operated and they would not allow other developers to go beyond what they would allow for the device. It also locked users into specific carriers as well, Apple distributed devices to mobile carriers and they locked those phones to their networks. Some within the hacking community started to look for holes within the platform’s iOS operating system and soon discovered them. These discoveries would allow the researchers to take advantage of the flaw and break the device out of the “Apple Jail” and allow them to install alternate iOS distributions as well as allow them to download applications from 2nd and 3rd part application sites that rapidly grew after the initial successes. Rooting of Android devices was also very popular, but that platform was always meant to be open and free to explore and configure (less some carrier restrictions that still existed).
By 2015 Jailbreaking had mostly subsided and headed back to the fringe. Until recently, when it was discovered that security researchers and hackers had gained access to a leaked version of iOS 14, Apple’s next operating system. This puts an almost 8 months jump on identifying security flaws within the os and allows for further jailbreaking opportunities. Last year, researchers released a jailbreak for almost every phone within the current market.
What does this mean for the future of jailbreaking? While I would not expect a super increase of everyday users returning back to rooting their devices, it does however lay the groundwork for some very serious security implications. With signaling from the malware markets that the cost of exploits is decreasing, which could mean an increase in threat vectors from actors that would not normally have had the capital/resources to utilize them. Additionally, one area we might see an uptick in is with increased restrictions coming from new regulations, some users within the DIB (Defense Industrial Base) may look to by-pass some requirements with the jailbreaking of devices. Security practitioners will need to be on the look out for activity stemming from these.