Apple is having a bad week. And now it just got worse.
Following an eye-opening new report that claims Apple is “ignoring and violating fundamental rights” of iPhone and iPad users through secretive Siri recordings, the company has now been hit with a new zero-day hack which impacts every iPhone released since 2013.
Buried in an ambitious new jailbreak by unc0ver, the vulnerability is remarkable in its scope, allowing the jailbreak to sandbox itself behind iOS security and hide all trace of its access into the platform’s core code. And while unc0ver has good intentions and a large jailbreaking community celebrating the achievement, the vulnerability impacts iOS 11, 12 and 13 (including the Coronavirus-focused iOS 13.5) which leaves every iPhone since the iPhone 5S as a potential open target for hackers with less charitable intentions. That’s hundreds of millions of devices.
Moreover, we shouldn’t be expecting a fix any time soon. Pwn20wnd, the mastermind behind the hack, believes it will take “two to three weeks minimum” for Apple to patch it and told Wired that iOS 14 could be vulnerable to the same flaw if Apple fails to work it out before its launch in September. In the meantime, unc0ver confirmed that interest in its hack was so great that traffic crashed its website.
And this is all part of a wider picture of iOS warnings. Last month, ZecOps discovered an iOS Mail vulnerability which affected every iPhone ever made. Meanwhile, zero-day buyer Zerodium has stated that it isn’t interested in purchasing any new zero-day exploits for 2-3 months due to being overwhelmed by submissions. Following this up, Zerodium CEO Chaouki Bekrar put it more bluntly, tweeting: “iOS Security is f*****.”
For Apple, which trades heavily on its privacy and security credentials, this is a big problem. For millions of iPhone owners around the world, who are paying a premium for devices expected to live up to these ideals, it is even more worrying.
I have contacted Apple about the unc0ver jailbreak and will update this story when I get a response.