Do you remember the checkm8 announcement on Twitter back on Sept. 27 that announced a “forever day” SecureROM Jailbreak for the following Apple iDevices running the A5 to A11 chips?
- iPhone 4s to iPhone X
- iPad 2 to 7
- iPad mini 1 to iPad mini 4
- iPad Pro 1 and 2.
- Apple TV 3 to 4K
- iPod touch 5 to 7
The iPhone XS, XS Max, XR, iPhone 11, 11 Pro, and 11 Pro Max, along with the 11” and 12.9” iPad Pro running the A12 and A13 chips are not affected.
We also wrote a blog post about it here on Oct. 1, which stated,“When a full jailbreak is created, MobileIron UEM will be able to detect the device health is out of compliance and halt the enrollment process preventing the provisioning of VPN, WiFi, email, identity certificates, managed apps, and content onto the device. MobileIron Threat Defense (MTD) will also be able to detect the Jailbreak state and quickly remediate any UEM-provisioned settings on the device via quarantine or selective wipe compliance actions after the device has enrolled to UEM. Access to enterprise and cloud resources will also be blocked.”
Introducing the checkra1n exploit!
Apparently, that day is coming this Friday, Nov. 8, with the full permanent Jailbreak called checkra1n!
Some websites and followers boldly state, “This Jailbreak enables iOS downgrading and upgrading to any version without SHSH2 blobs and dual booting of iPhones. Simply, you will see Android running iPhones in the near future thanks to Checkm8 Jailbreak!”
Here’s an umbrella and a trench coat for checkra1n security
Good news! We have confirmed that MobileIron Unified Endpoint Management (UEM) and MobileIron Threat Defense (MTD) are both able to detect the checkra1n vulnerability! MTD is also able to detect five unique device-level threats (Vulnerable iOS Version, Device Jailbroken/Rooted, Elevation of Privileges (EoP), File System Changed, and System Tampering), as well as the Sideloaded App threat at the app-level for the installation of package managers like Cydia, Installer, or Zebra apps. If a Configuration Profile is also installed, then the Suspicious Profile threat will be triggered.
Wear your rain boots also!
A permanent Jailbreak might sound cool to customize your device and load any app you want, but the immediate results can lead to cybercriminals taking over your device without you knowing! Your company will not allow your iDevice to connect to the corporate network or cloud resources if the potential for threats living on the device is detected. Allowing this means your company will be the victim of a data breach where the malicious exploit can move laterally from your iDevice to the corporate network to harvest more credentials and sensitive company data. Deploy MobileIron UEM, MTD, and Access as a multi-layered security framework to protect your personal information and your company secrets from cybercriminals!
How to detect checkra1n jailbreak
|Security and privacy risks: