EECS 338 checkm8 Paper

Final 3-page paper for EECS 338, taught by Dr. Loui in Fall 2019.


Abstract

checkm8 is a recently released (Sep 27, 2019) jailbreaking tool developed by axi0mX. Because it targets the BootROM (a.k.a. SecureROM) of iOS devices, it is well known for its unpatchable nature and strong compatibility across 11 generations of iOS devices. This article gives a brief introduction to checkm8: it starts from the basic concepts of, and the need for, iOS jailbreaking, moves on to the distinguishing characteristics of checkm8, and then provides a relatively more technical walk-through of the hacking mechanism implemented in checkm8. Finally, it analyzes the philosophical reason behind this exploit and proposes some potential solutions to prevent it from happening again.


Disclaimer

As an assignment for an undergraduate course, the depth of this paper is certainly on the shallow side. Meanwhile, some overview claims are probably not exactly accurate due to my limited understanding of the field of security.

This GitHub repo is published mainly for proofreading / sharing the developmental process (as git-diff highlights the changes). Please read with caution, and never hesitate to submit an issue to grill me.


References

  1. Technical analysis of the checkm8 exploit | a1exdandy
    • Must read if you actually want to understand the mechanism of checkm8.
  2. ipwndfu: open-source jailbreaking tool for many iOS devices | axi0mX
  3. A Brief Analysis of the Epic iPhone Exploit: checkm8 | Gh0u1L5
  4. Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer | Dan Goodin
  5. Apple Bootrom Bug: apollo.txt | littlelailo