Apple credits iOS 7.1 security changes to evad3rs and other jailbreak community members

Following the release of the first major iOS 7.1 software update earlier today, Apple has now updated contents of the support document which outlines security updates for its products with a link to this newly created document describing iOS 7.1 security improvements.

In it, Apple credits prominent members of the jailbreak community such as evad3rs, the team behind the evasi0n jailbreak, as well as Google and others who reported issues and helped contribute toward the security changes within iOS 7.1…

Speaking of evad3rs, the team has been credited with contributing to four different changes in iOS 7.1.

One deals with a bug allowing a maliciously crafted backup to alter the iOS filesystem, the other details a crash reporting issue that could allow a local user to change permissions on arbitrary files and the remaining two concern a kernel issue that could allow arbitrary code execution in the kernel itself (the stuff of which jailbreaks are made) and a bug that could enable an attacker to bypass code signing requirements.

Apple also credits other members of the jailbreak community such as Springtomize 3 developer Filippo Bigarella and talented iOS hacker Stefan Esser.

Filippo was mentioned in regard to an exploit allowing a malicious app to cause an unexpected system termination and Stefan got thumbs up for turning Apple’s attention to a dangerous bug that enabled a man-in-the-middle attacker to entice a user into downloading a malicious app via Enterprise App Download.

This isn’t the first time Apple thanked prominent hackers for their discoveries. In 2012, for instance, the company credited the 2012 iOS Jailbreak Dream Team with finding a kernel exploit that got patched in iOS 5.1. Likewise, following the release of iOS 6.1.3 in March 2013, Apple in this security note credited the discovery of four of the six bugs fixed to evad3rs.

All in all, the document details two dozen security-related issues in iOS 7 and a total of 41 vulnerabilities that have been fixed or mitigated in iOS 7.1. In addition to prominent hackers, Google’s Chrome Security Team and ordinary users have contributed as well.

Of the whopping nineteen vulnerabilities discovered in Safari’s Webkit browser engine, nine were reported to Apple by Google’s Chrome Security Team. WebKit was previously used in Google’s Chrome web browser.

Signing off, have you ever wondered why Apple stubbornly refuses to publicly acknowledge dangerous security exploits in its software, over which it gets chastised a lot by less-informed media outlets?

“Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available,” states the document.

See, this is for your own protection.

As a friendly reminder, jailbreakers should absolutely stay away from iOS 7.1 unless they want to lose their jailbreak because once you upgrade to iOS 7.1, you won’t be able to downgrade again – even with SHSH blobs.

Evasi0n 7 1.0.7: How To Jailbreak iOS 7.0.6 On iPhone 5S, iPad Air And Other Devices Before iOS 7.1 Release

The Evad3rs team released Evasi0n 7 1.0.7 to address Cydia problems with the previous jailbreak version Evad3rs

If you’re one of the many iOS 7 users that want to run your iPhone, iPad Air, iPod Touch or other iOS device from Apple Inc. (NASDAQ:AAPL) in a jailbroken state, that window may be closing fast.

According to John Gruber of Daring Fireball, the release of iOS 7.1 appears to be imminent, since Apple will be releasing an iTunes Festival app for South By Southwest, or SXSW for those that want to live stream iTunes festival performances next week. While a release of an app isn’t necessarily an event in itself, rumors have been floating that the SXSW iTunes Festival app will require iOS 7.1 before it can be downloaded and opened.

For stock iOS 7.0 through 7.0.6 users, this news won’t affect them as much. However, the release of iOS 7.1 is potentially problematic for users of jailbroken iOS 7.0.x devices, since iOS 7.1 patches the many vulnerabilities used by the Evasi0n jailbreak. In addition, Apple uses a verification system called APTicket, which prevents iOS users of devices from downgrading or using older iOS versions, such as those compatible with existing jailbreaks such as Evasi0n 7.

This verification method prevents any downgrades, as Apple will stop signing APTickets for iOS 7.0.6 once iOS 7.1 is released, effectively blocking users from updating to anything but the latest version of iOS for their device.

With that in mind, those that are looking to jailbreak their iOS 7.0.x device have been advised by several developers in the jailbreak community to upgrade their iPhones, iPads and iPod touches to iOS 7.0.6, the latest version of iOS 7 that the Evasi0n 7 jailbreak currently works with.

Note: International Business Times is not responsible for any damage caused by running jailbreak tools or any unauthorized software on your device. Proceed at your own risk.

For those that currently use an iPhone, iPad or iPod Touch that has been updating using Apple’s over-the-air, or OTA updates, the Evad3rs team behind Evasi0n 7 advise users to restore their devices before running the Evasi0n 7 jailbreak and turning off passcode lock.

Once completed, follow these instructions below to jailbreak your iOS device using Evasi0n 7.

How to jailbreak your iOS 7.0.x device using Evasi0n 7 on Mac OS X:

1.     Download Evasi0n 7 1.0.7 from the official website.

2.     Unzip the downloaded package, open the DMG file and drag the Evasi0n 7 app to your applications folder.

3.     Open Evasi0n 7.

Note: if Mac OSX doesn’t let you open the Evasi0n app, right-click the app and click open, or change your Mac OSX security settings.

4.     Connect your iOS device to your computer via USB cable.

5.     Press the jailbreak button.

Note: The jailbreak process is the same for all iOS 7.0.x devices.

The Evasi0n 7 1.0.7 jailbreak instructions are basic and easy to follow  Illustration/IBTimes

6.     Your device will reboot several times through the process. Follow the on-screen instructions to complete the Evasi0n 7 jailbreak for your iOS device.

Follow the on-screen instructions to complete the Evasi0n 7 jailbreak.  Illustration/IBTimes

According to the Evasi0n 7 website, it is safe to restart the jailbreak process if it gets stuck. However, it is advised to let the jailbreak run through its processes, which are not instantaneous from IBTimes’ experience.

Evasi0n 7 requires some user interaction with your iOS device during the jailbreak process.  Photo Illustration/IBTimes

Once the jailbreak is done, you’ll be able to download tweaks and mods with Cydia, an app developed by Jay Freeman (Saurik).

Once the Evasi0n 7 jailbreak is completed, you can browse the Cydia app for various tweaks and mods being developed for iOS 7.0.x  Photo Illustration/IBTimes

Once iOS 7.1 is released, jailbreak developers will have to work on creating new jailbreak tools for iOS 7.1. However, it's unknown how long it will take until a publicly releaseable jailbreak surfaces.