Jailbreaking iOS

From past to present

Video duration
00:47:57
Language
English
Abstract
This talk aims to give a general overview of iOS Jailbreaking by starting at what jailbreaking was back in the days and how it evolved up until today, while also taking a quick look at how it might evolve in future.

Therefore the following topics are covered:
- Jailbreaking goals (technical)
- Types of jailbreak and their origins (tethered, untethered, semi-tethered, semi-untethered)
- Exploit mitigations (ASLR, iBoot-level AES, KPP, KTRR, PAC)
- Kernel patches (h3lix)
- Kppless jailbreaks

The goal is to give an insight into the jailbreak terminology, exploit mitigations and how these are dealt with in past and modern jailbreaks.

I will give an introduction to jailbreak terminology and walk through the jailbreak history, thus presenting how iOS devices have been hacked/jailbroken in the past while focusing on what mitigations Apple added over the years.
Therefore I will discuss what effects these mitigations have on jailbreaking and how they were (and still are) dealt with.

This should be interesting for hackers new to the iOS game, as several technical aspects are covered, but also for people who jailbreak their devices and want to get a better understanding of what is happening under the hood of jailbreaks as well as what challenges hackers have to face and why things evolved the way they are right now.

This talk is structured somewhat similar to my previous talk 2 years ago "iOS Downgrading - From past to present".
Watching my previous talk is not necessary for understanding this one, but is suggested to get a better overall image of iOS hacking.

Talk ID
9618
Event:
35c3
Day
2
Room
Dijkstra
Start
8:50 p.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
tihmstar
Talk Slug & media link
35c3-9618-jailbreaking_ios

Talk & Speaker speed statistics

Very rough underestimation:
139.8 wpm
776.2 spm