The iOS jailbreaking community is seemingly hyperactive as one of the famous names in this community iH8sn0w has managed to jailbreak the yet to be publicly released iOS 9.
Revealed through a video on YouTube, the jailbreak has been implemented on an iPhone 5 running the Gold Master seed for iOS 9, which was made available to developers sometime back. The untethered jailbreak works on iOS 9 and iOS 9.1 beta suggesting that Apple has’t implemented any new security fixes in the beta version of iOS 9.1
Some of the technical thing that iH8sn0w revealed include the Kernel Patch Protection that Apple has applied in iOS 9. However, it seems that the protection isn’t enough to stop a working jailbreak. “iOS 9+ arm64 iDevices now enforce a checksum on __TEXT/DATA.const regions of the kernel through the use of TrustZone”, notes the hacker in the description of the video posted online.
The hacker also notes that other than the kernel patch protection, the internal of the iOS 9 are a lot similar to iOS 8 and we believe that it could be one of the reasons why a jailbreak was achieved in such a short time.
The hacker says that if any of the sections are tampered with there is either a kernel panic or EL3 will force a reboot if the kernel doesn’t gracefully panic. However, from the looks of it iH8sn0w has found a race condition that he exploited for the iOS 9 jailbreak.
“You can race it though if you want to play with things. Just be quick! ;P” he notes.
The hacker won’t be releasing the jailbreak publicly until iOS 9 is released so as to stop Apple from applying any security fixes before the public release. We believe that if the jailbreak is released soon after iOS 9, Apple would be able to patch a few or all the vulnerabilities exploited by iH8sn0w before it releases iOS 9.1 and render the jailbreak useless.