Hackers discover Apple has left a hole unplugged in its mobile OS

May 8, 2012 09:11 GMT

After thoughtfully running down all the info tied to iOS 5.1.1 and the possibility of jailbreaking, iPhone Dev-Team leader MuscleNerd acknowledged that Apple has learned about an unreleased method to downgrade A5 devices, but didn’t do anything about it.

Downgrading the iOS firmware is not allowed by the Cupertino, California tech giant, a problem iDevice owners have faced since the original iPhone was released in 2007.

That hasn’t been a problem for iOS hackers, who get around the restriction by saving what they call “SHSH blobs” with each new release, so that a device updated to the next iOS release can still be downgraded using these saved blobs of data.

MuscleNerd takes it upon himself to keep roughly 350K Twitter followers up to speed with the latest developments in jailbreaking the underlying software of Apple’s iPhones, iPads, and iPod touch devices.

His latest tweets indicate that iOS 5.1.1, the latest update from Cupertino, is hackable with a recent version of Redsn0w - the Dev Team’s flagship jailbreak tool.

He outlined in a series of tweets yesterday that only “tinkerers” should attempt to employ this tethered jailbreak, adding that regular users should stay away from iOS 5.1.1 until a proper jailbreak is released.

But this is routine in the iOS jailbreak community, as every time Apple rolls out an update, the same pieces of advice are dished out, followed by a tethered jailbreak release, and ultimately by an untethered one.

At the moment, everyone is holding their breath for Chronic Dev leader Pod2g to release his untethered iOS 5.1 jailbreak, which should also apply to Apple’s iOS 5.1.1.

But MuscleNerd also revealed to his followers that Apple left a hole unpatched in iOS 5.1.1, despite having included three security fixes for Safari and WebKit.

“5.1.1 shows Apple knows about an unreleased technique to downgrade A5 devices to 5.0.1 with saved blobs (but left it alone..hmm),” MuscleNerd wrote.

It is clear that hackers bypassing the downgrade prevention isn’t much of a problem for Apple, so it is not at the top of the company’s priority list. For all we know, the company could be on the verge of enabling “legal” downgrades of its software.