Introduction to ios9 jailbreak
This semester, the LCDI will be investigating various jailbreaking methods available for iOS 9. The team’s focus will be to determine what useful forensic artifacts are recoverable through an iOS9 Jailbreak device.
The process will include comparing recoverable data before a jailbreak to the recovered data after jailbreaking the phone. The investigations will explore how jailbreaking restructures the file system and what new artifacts are created once a device is jailbroken.
Jailbreaking a phone gives the user access to its root and media partitions. With this level of control, the user can download third-party applications and modify the operating system. Apple implements tight restrictions that limit the amount of access users have to these functions of their phones, which makes jailbreaking extremely popular.
Thus far, the team has researched the most popular publically used jailbreaks for iOS 9.0.2, distributed by the teams Pangu and TaiG. We have also discussed possible hardware-level exploits that could leverage known vulnerabilities in older hardware to gain root access on newer releases of iOS9.
At the moment, the most recent iOS jailbreak is for version 9.0.2; this lags behind the current standard 9.2.1, with version 9.3 in beta. Because of this, the team will begin by looking at the most recent 9.0.2 jailbreak available and follow any developments regarding jailbreaks of later versions.
Our team will be anxiously waiting with the other jailbreak users for any new updates and will keep readers updated with our findings! If you have any questions or comments about the project, feel free to contact the LCDI through our Twitter account @ChampForensics or via email at email@example.com.