It has been less than a week since Apple released iOS 14 to the public and the first jailbreak tool for the OS is already out. The team behind Checkra1n have updated their tool to add support for iOS 14.
There are quite a few limitations and catches here, though. While Checkra1n is based on checkm8, a low-level bootrom exploit that affects iPhone X and older devices, the initial build of checkra1n for iOS 14 only supports A9(X) and older chips. This means it only supports a handful of older iPhones and iPads, which are as follows:
- iPhone 6s, 6s Plus, and SE
- iPad 5th generation
- iPad Air 2
- iPad mini 4
- iPad Pro 1st generation
- Apple TV 4 and 4K
The good thing is that the Checkra1n team is working on adding support for iPhone 7/Plus, iPad 6th and 7th generation, iPad Pro 2nd generation, and iPod touch 7 in the coming weeks. Apple has added new security mitigations in iOS 14 that make using the checkm8 exploit to jailbreak iPhone X and other vulnerable devices a bit more difficult.
In iOS 14, Apple added a new mitigation to SEPOS on A10 and above (except on Apple TVs and iBridge): if the device was booted from DFU mode and the Secure Enclave receives a request to decrypt user data, it will panic the device. Since checkm8 does not give us control over the Secure Enclave, this is not trivial to work around. However, with the recently published blackbird vulnerability, we are able to get control of the Secure Enclave on A10 and A10X and disable this mitigation. Support for A10 and A10X devices is being worked on and is expected to be ready in the coming weeks.
Whether A11 devices like the iPhone 8 and iPhone X will be supported will only become clear once the team is able to determine whether they can bypass this new security measure.
[Via Checkra1n]